CODEWITHSUNDEEP
web2py
4BY
4BY

Reputation: 77

Web2py Basic Auth - Authenticated User Info

I am using Basic Auth in Web2p. Usually i would use auth.user from within the function to get information related to the authenticated user, this does not seem to work when i am authenticated by Basic Authentication. Is there something i am missing?

Here Is my auth settings

auth.settings.remember_me_form=False
auth.settings.password_min_length = 8
auth.settings.registration_requires_verification = True
auth.settings.registration_requires_approval = False
auth.settings.reset_password_requires_verification = True

The function i am using to test

def call():
    session.forget()
    return service()

auth.settings.allow_basic_login = True
@auth.requires_login()
@service.run
def test():
    a = auth.user
    b= 'hello'
    return(a,b)

The purpose of this is to get the profile details of the authenticated user via a HTTP request for a phonegap app. i am using 

r = requests.get(url, auth=HTTPBasicAuth('email', 'passwd'))

it Authenticates but returns none for auth.user

Thanks

Upvotes: 1

Views: 1630

Answers (1)

Anthony
Anthony

Reputation: 25536

As per the documentation, you should not use the Auth decorators on RPC functions. Instead, you should decorate the call() function:

auth.settings.allow_basic_login = True
@auth.requires_login()
def call():
    session.forget()
    return service()

@service.run
def test():
    a = auth.user
    b = 'hello'
    return (a, b)

Anyway, you might not be satisfied with the format of the response when using the above method, as the "run" service simply applies str() to the return value -- so, you get something like:

"(<Row {'first_name': 'John', 'last_name': 'Doe', 'email': '[email protected]', 'id': '1L'}>, 'hello')"

A simpler approach would just be to return JSON:

auth.settings.allow_basic_login = True
@auth.requires_login()
def test():
    from gluon.serializers import json
    return json((auth.user, 'hello'))

Then request:

r = requests.get('http://yourdomain.com/yourapp/default/test',
                 auth=HTTPBasicAuth('email', 'passwd'))

In that case, there is no need to use service() or to create a call() function.

Upvotes: 1

Related Questions