I´ve got an Application wich makes (url)callbacks to my web2py app and
All these webhooks have a "Cookie:" header with a value identical to
the browser that caused the request to be initiated.
For for example it calls the web2py Controller with this "Cookie:"
header:
Cookie: session_id_myapp=127.0.0.1-2b77d424-4e72-4d3f-a0de-
badbcdbe6a30
In the called web2py controller I want to make the Authorization for
this call, tried to like that:
def connect():
return response.json([auth.is_logged_in(), {"name": "Test"}])
When called with the Browser, it returns:
[true, {"name": "test"}]
When called by the (url)callback, it returns:
[false, {"name": "test"}]
In this Controller I can simply grab the session_id:
def get_session_test():
if request.cookies.has_key(response.session_id_name):
value = request.cookies[response.session_id_name].value
return dict(session_id=value)
else:
return False
How can I authorize these (url)callbacks by session_id?
I´ve to query two values by the given session_id,
1. is_logged_in (boolean)
2. username or user email (string)
But, how to obtain them?
Or is there a better way to make the authorization for the
(url)callbacks?
Thank you in advance.
Dieter Asman
