Fantastic, the request_tenant method is just what I was looking for! So this is what I've got working:

def requires_account(f):
    """ Redirect to the account not found page if there is no account (decorator function) """
    if not get_account():
        redirect(URL('accounts', 'not_found'))
    return f

def get_account():
    """ Get the account from the subdomain and store it in the session, if not already stored """
    if not session.account:
        subdomain = request.env.http_host.split('.')[:-2].pop()
        session.account = db(db.account.subdomain==subdomain).select(db.account.id, db.account.title).first()
    return session.account

defined in db.py (is that the best place to put them?) - then after I've defined the account table, I've got this:

db._request_tenant = 'account_id'
db._common_fields=[Field('account_id',default=session.account.id, writable=False, readable=False)]

Which seems to work rather nicely. Thank you very much for your reply!

On Aug 15, 10:53 pm, Anthony <abasta...@gmail.com> wrote:
> You might want to consider using
> this: https://groups.google.com/d/msg/web2py/NrvxeWQJvH0/wbafxppaf1QJ (note,
> 'request_precinct' has been changed to the more general 'request_tenant', as
> noted later in that thread). Otherwise, I suppose you could use the Auth
> groups functionality
> (http://web2py.com/book/default/chapter/08#Authorization) -- create a group
> for each subdomain and assign/check permissions based on the current
> request's subdomain. Note, the full multi-tenancy solution (first
> link) might be better because it allows you to easily segment every single
> database table by subdomain so any queries return only results related to
> the particular subdomain.
>
> Also, rather than creating your own requires_account decorator, you could
> probably just use auth.requires
> (see http://web2py.com/book/default/chapter/08#Combining-Requirements).
>
> Anthony
>
> On Monday, August 15, 2011 4:31:33 PM UTC-4, fishwebby wrote:
> > (web2py newbie here) - I've got user authentication working ok, but
> > I'd like to be able to scope the auth_users inside an account. My plan
> > is to have accounts identified by subdomains, e.g.
> > account_one.example.com, and then inside that the users can login (a
> > la Basecamp).
> >
> > I've got the following working to get the account model based on the
> > subdomain, redirecting to an "account not found" page:
> >
> > def requires_account(f):
> >     subdomain = request.env.http_host.split('.')[:-2].pop()
> >     account = db(db.account.subdomain==subdomain).select().first()
> >
> >     if not account:
> >         redirect(URL('default', 'account_not_found'))
> >
> >     return f
> >
> > @requires_account
> > @auth.requires_login
> > def index():
> >     ...
> >
> > However, I'm a bit stumped as to how to restrict the login to only
> > those users in that account. I've added an account_id field to the
> > auth_users table, but I'm not sure how to proceed - I think ideally
> > I'd like to extend / override the requires_login method so it uses the
> > account but I can't work out how to do it - any help (or suggestions
> > of a better way to do it!) are greatly appreciated!
> >
> > Many thanks
> > Dave
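
An added example, not part of the original thread or of web2py itself: since the tenant in this thread is taken from the client-supplied Host header and then cached in the session, this sketch derives the subdomain strictly (port, trailing dot, bare domain, nested labels, foreign suffixes) and re-checks the cached account against the current host on every request. The names `tenant_from_host`, `resolve_account`, `base_domain`, `lookup` and the `ACCOUNTS` sample data are assumptions; plain dicts stand in for web2py's `session` and database rows.

```python
import re

# One DNS-style label; "_" is allowed because the thread uses account_one.example.com
_LABEL = re.compile(r"[a-z0-9](?:[a-z0-9_-]{0,61}[a-z0-9])?")

# Constructed sample data standing in for the db.account table
ACCOUNTS = {
    "account_one": {"id": 1, "subdomain": "account_one"},
    "account_two": {"id": 2, "subdomain": "account_two"},
}

def tenant_from_host(host, base_domain):
    """Return the single label in front of base_domain, or None if the host is not a tenant host."""
    if not host:
        return None
    name = host.strip().lower().rsplit(":", 1)[0].rstrip(".")  # drop :port and trailing dot
    suffix = "." + base_domain.lower()
    if not name.endswith(suffix):        # bare domain, look-alike or foreign domain
        return None
    label = name[: -len(suffix)]
    if not _LABEL.fullmatch(label):      # empty, nested (a.b) or unexpected characters
        return None
    return label

def resolve_account(host, session, lookup, base_domain):
    """Return the account for this request; never trust a cached account for another host."""
    subdomain = tenant_from_host(host, base_domain)
    if subdomain is None:
        session.pop("account", None)     # do not carry a tenant over to a non-tenant host
        return None
    cached = session.get("account")
    if cached and cached.get("subdomain") == subdomain:
        return cached
    account = lookup(subdomain)          # hypothetical lookup, e.g. a query on db.account
    session["account"] = account
    return account

if __name__ == "__main__":
    session = {}
    for h in ("account_one.example.com:8000", "account_two.example.com", "example.com"):
        print(h, "->", resolve_account(h, session, ACCOUNTS.get, "example.com"))
```
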