401 Unauthorized when moving web2py from localhost to PythonAnywhere

Question

In my app I have a user profile page where a user is able to upload an image for their profile pic. This feature works as expect when running on localhost, but fails with a 401 Unauthorized since moving to PythonAnywhere.

Is there any reason a POST would fail with a 401 on a @auth.requires_login() decorated function, despite being logged in?

ajax call:

$('#image_form').submit(function(event){
    event.preventDefault(); 
    var up = new FormData(this);
   $.ajax({
        url: '/dids/default/update_profile',
        data: up,
        processData: false,
        contentType: false,
        type: 'POST',
        success: function(data){
            console.log(data);
        }
    });
}); 

form:

<div id=edit_div type="hidden">
    <form id="image_form" type="hidden" enctype="multipart/form-data" action="update_profile" method="post">
        <input id="image" name="image" type="file"/>
        <input name="is_img" type="hidden" value="True"/>
    </form>
</div>

controller function:

@auth.requires_login()
def update_profile():
    data = request.vars
    user_id = auth.user_id
    db(db.users.user_id == user_id).update(profile_img=data['image'])
    return 

note, I have also tried using db.users.profile_img.store() before the .update() with the same result

table definition:

db.define_table('users',
    Field('user_id',),
    Field('username'),
    Field('first_name'),
    Field('last_name'),
    Field('profile_img', 'upload'),  # image field
    Field('about', 'text'),
    Field('email'),
    Field('dids', 'reference dids'),
    Field('feed'))

Note: this portion of the site is not my code, but a teammates. Unfortunately, when it broke its now on me to fix it. There is plenty I would change, but I would like to change as little as possible, to prevent breaking anything else he did.

Answer 1

Could you POST the full trace? (maybe something is wrong/different with routes.py)