I´ve got an Application wich makes (url)callbacks to my web2py app and All these webhooks have a "Cookie:" header with a value identical to the browser that caused the request to be initiated. For for example it calls the web2py Controller with this "Cookie:" header:
Cookie: session_id_myapp=127.0.0.1-2b77d424-4e72-4d3f-a0de- badbcdbe6a30 In the called web2py controller I want to make the Authorization for this call, tried to like that: def connect(): return response.json([auth.is_logged_in(), {"name": "Test"}]) When called with the Browser, it returns: [true, {"name": "test"}] When called by the (url)callback, it returns: [false, {"name": "test"}] In this Controller I can simply grab the session_id: def get_session_test(): if request.cookies.has_key(response.session_id_name): value = request.cookies[response.session_id_name].value return dict(session_id=value) else: return False How can I authorize these (url)callbacks by session_id? I´ve to query two values by the given session_id, 1. is_logged_in (boolean) 2. username or user email (string) But, how to obtain them? Or is there a better way to make the authorization for the (url)callbacks? Thank you in advance. Dieter Asman