Never done a patch before, but I think in the night (here are 3PM) I
can manage to have a first draft.
I'd have to test it out, but for the beginning .. What wuold be the
patch against ? auth.py in trunk or auth.py in 1.85.3?
On 23 Set, 14:52, mdipierro <mdipie...@cs.depaul.edu> wrote:
> You are right. That would be best. Want to send me a patch?
>
> On Sep 23, 2:26 am, Niphlod <niph...@gmail.com> wrote:
>
>
>
> > I'll try in other words..... I/we (users building rest api) don't want
> > the user to be redirected to any page (my own or the default really
> > doesn't matter)...all the decorators seems to redirect
> > somewhere....instead they "should" call a function (maybe by default a
> > redirect, in order to don't break backword compatibility) that, for
> > example, I/we can modify raising a 404.
>
> > On 22 Set, 21:38, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > You want to disable the login page.
>
> > > You can try
> > >auth.settings.actions_disabled.append('login')
> > >auth.settings.actions.login_url=URL('your_own_error_page')
>
> > > On Sep 22, 2:27 pm, Niphlod <niph...@gmail.com> wrote:
>
> > > > I'm really sorry....
>
> > > > I'm looking for an answer to this question:
> > > > 2) I saw whatauth.settings.allow_basic_login = True does (and
> > > >auth.basic()) and it "allows" thebasicauthentication in addition to
> > > > the defaultauth(also with disabled actions). Maybe the defaultauth
> > > > can be shut down totally?
>
> > > > That is quite clear, I guess... I can't find a way to shut down
> > > > defaultauthand leave onlybasicauthas the default method for login
>
> > > > let's explain in other words the other "feature request" instead...
>
> > > > I don't know in deep all theauthmodule, but (at least for me) is the
> > > > one that is less "usable" when you create web services.
> > > > what I'm asking is the best way (i.e. the less error prone way) to
> > > > have theauthdecorators to return/raise an http status instead of
> > > > raising a redirect to login page or the "user" controller.
> > > > Right now it seems that you can configure quite all, but all you can
> > > > configure is where the user will be redirected when the authorization
> > > > fails....
>
> > > > If you want to create an interface to a web api, maybe a REST one, you
> > > > rarely need to redirect someone to the login page if he is not a valid
> > > > user, nor you need to redirect him if he is a valid user without the
> > > > permissions to access a particular controller/resource...you just tell
> > > > him it's not authorized (the "recommended" behaviour would be to raise
> > > > a 404).
>
> > > > Going by hand to patch theauthmodule substituting all redirects to
> > > > something else or creating a new one from scratch seems a little bit a
> > > > long catch...maybe who planned and coded theauthmodule will figure
> > > > out a "smart" way to enable this behaviour...and I think that web2py
> > > > will be a good contender to django-piston or other frameworks of
> > > > choice when you are going to create a web [RESTful] API.- Nascondi
> > > > testo citato
>
> > > - Mostra testo citato -- Nascondi testo citato
>
> - Mostra testo citato -
