Re: [web2py] Custom JWT login -> Login validated user without a password.

2020-09-14 Thread Kevin Keller
Nope, it's not stupid.

At least not as long as you store data in the local database of your app
that is not stored in the directory of your identity management system.
Then you would just duplicate data and I would just use the claims from the
IDM to work in the app.
But if your app stores data about the user that is not stored in the IDM,
for example if you have a web shop and you want to store the purchase history,
you probably do not want to store that in your IDM directory but leave it in
the local database. In order for your app to understand what data to pull
for that user from the local database, it is important to create the user
entity in the local app as well as have it in the IDM.
I usually check if a user that just authenticated via the IDM is already in
the database and if not I create / update the user in the local database.

In terms of logging users in, I think in web2py it was straightforward, if I
remember correctly.

Looking at this snippet:
http://www.web2pyslices.com/slice/show/1443/auto-login-when-you-come-from-localhost

I think you can extract the username from the token and then do:

user = db(db.auth_user.username==username).select().first()
auth.user = user




On Mon, 14 Sept 2020 at 08:14, hiro wrote:

> Thank you! You are spot on. I have redirected the user to a Single Signon
> page, and got redirected back with a token, that I then use the requests
> library and my key to validate to extract the username and permissions.
>
> I already have the users in the default auth tables, so basically now that
> user X has provided a valid token I want to be able to log in that user.
>
> Maybe that is just stupid? Maybe one should just use the extracted data as
> from the token and never store any of it in the internal user database?
>
>
>
> On Friday, September 11, 2020 at 5:13:18 PM UTC+2 kell...@gmail.com wrote:
>
>> I am not sure I understand what you have done completely, but let me give
>> it a shot at the point where you ask how to validate a jwt token.
>>
>> The IDP that created the JWT token will sign the JWT token.
>> So you need to send the token e.g. via POST to web2py and then use pyjwt
>> to verify the token with however means that token was signed.
>> Maybe a simple passphrase, shared key, public key etc.
>>
>> Once you verified the signature you can use pyjwt
>> to load the contents of the token into a python dict.
>> Some IDPs include information about the person logging in as "claims".
>> Info such as First Name, Last Name, Email, Username/Displayname etc. you
>> can extract those information
>> and create the user in web2py and log the user in with a web2py session.
>>
>> Some IDPs do not put anything in the token and ask you to use the jwt
>> token to call a userinfo endpoint (restful api of the IDP),
>> to extract more info about the user directly from the IDP instead of from
>> the token.
>>
>> The token usually was issued with certain scopes e.g. openid, profile,
>> email and depending on the scopes of the token, the IDP will either
>> give this information or not.
>> Usually you also have to whitelist in the IDP from which hosts such a
>> call can come from and which hosts can actually obtain tokens etc.
>>
>>
>>
>> On Fri, 11 Sept 2020 at 16:06, hiro wrote:
>>
>>> Hi, quick question!
>>>
>>> I am working on an internal API using web2py and the organization I am
>>> working for wants us to use JWTs. I have had no success with the JWTAuth in
>>> the tools file, but have successfully been able to redirect to the single
>>> sign-on provider and then validate the token as the single sign-on provider
>>> redirects back to the web2py service.
>>>
>>> So basically I have been able to validate that a user with a given
>>> username is allowed to log in. Now, the question becomes, how do I log in
>>> the user?
>>>
>>> Assume the user already exists within the Auth DB for now. In the long
>>> run I will need to update user permission and LDAP groups and so on, but
>>> now I just need to know how to log in programmatically when I know the user is
>>> allowed to log in by a validated JWT token, but I have no password or
>>> anything else except the username.
>>>
>>>
>>> # Code to validate JWT token..
>>>
>>> username = validated_jwt_token.preffered_username.
>>> Auth.login(username)
>>>
>>> # User should now be logged in.
>>>
>>> Any idea?
>>> Thanks!
>>> 

[web2py] Re: sum decimal error?

2020-09-14 Thread 'DenesL' via web2py-users

I have found my mistake, in the query
db(ti.DocNum == doc)
I was using the wrong variable (doc) which is a row,
it should be docnum.

Thanks villas for your help and words of encouragement.



On Friday, September 11, 2020 at 11:26:51 AM UTC-4 DenesL wrote:

> Hi villas
>
> thanks for your suggestion.
> I ran a test in the shell and it works:
>
> web2py Web Framework
> Created by Massimo Di Pierro, Copyright 2007-2020
> Version 2.20.4-stable+timestamp.2020.05.03.05.18.50
> Database drivers available: sqlite3, pyodbc, imaplib, pymysql
> WARNING:web2py:import IPython error; use default python shell
> Python 3.7.8 (tags/v3.7.8:4b47a5b6ba, Jun 28 2020, 08:53:46) [MSC v.1916 64 bit (AMD64)] on win32
> Type "help", "copyright", "credits" or "license" for more information.
> (InteractiveConsole)
> >>> db.tables
> ['auth_user', 'auth_group', 'auth_membership', 'auth_permission', 'auth_event', 'auth_cas', 'docscan', 'itmscan']
> >>> ti=db.itmscan
> >>> ss=db(ti.DocNum==350).select()
> >>> print(ss)
> itmscan.id,itmscan.DocNum,itmscan.ItemCode,itmscan.Dscription,itmscan.box,itmscan.scanqty,itmscan.scanid,itmscan.empid,itmscan.status,itmscan.spcins,itmscan.tstamp
> 1,350,P10002,"PC - 12x core, 64GB, 5 x 150GB SSD",1,1.00,SCANNER1,emp003,,,2020-09-09 09:14:12
> 2,350,P10002,"PC - 12x core, 64GB, 5 x 150GB SSD",1,1.00,SCANNER1,emp003,,,2020-09-09 09:15:25
> >>> scnqtysum = ti.scanqty.sum()
> >>> ss=db(ti.DocNum==350).select(scnqtysum)
> >>> print(ss)
> "SUM(""itmscan"".""scanqty"")"
> 2.00
>
> so something is amiss somewhere...
>
> BTW, having DocNum=='350' makes no difference.
>
> Denes
>
> On Friday, September 11, 2020 at 6:34:50 AM UTC-4 villas wrote:
>
>> Are you sure your *doc* search value is an integer?
>>
>> Maybe a little more experimentation.  Simplify and then incrementally add 
>> complexity.  Start here...
>> ss = db(ti.DocNum == 99).select(scnqtysum) 
>>
>> Also, check the SQL:
>> ss = db(ti.DocNum == doc)._select(scnqtysum)  ## note the underline chr _ 
>>
>> On Friday, 11 September 2020 at 03:30:54 UTC+1 DenesL wrote:
>>
>>> Hi villas
>>>
>>> thanks for your reply.
>>> There should be no NULLs in there since I deleted all tables and started 
>>> from a blank slate.
>>> Still no idea why this happens. Why is it trying to use __int__ if it is a
>>> decimal?
>>>
>>> Denes
>>>
>>> On Thursday, September 10, 2020 at 12:04:44 PM UTC-4 villas wrote:
>>>
>>>> Hi Denes
>>>> Just a thought, and I'm not sure if this is the answer, but the
>>>> following indicates that there is a null value in the DB field:
>>>> TypeError: __int__ returned non-int (type NoneType)
>>>>
>>>> Maybe you initially created the field without a default and then added
>>>> the default=0.0 later. This may have enabled you to create records with
>>>> null values?
>>>>
>>>> I therefore suggest you search for any null values and replace them
>>>> with 0.0. Perhaps you could run this query
>>>> update itmscan set scanqty = 0.0 where scanqty is null
>>>>
>>>>
>>>> On Wednesday, 9 September 2020 at 15:31:59 UTC+1 DenesL wrote:
>>>>
>>>>> Hi group
>>>>>
>>>>> running Version 2.20.4-stable+timestamp.2020.05.03.05.18.50
>>>>> with SQL Server 2012 on Win 8.1
>>>>>
>>>>> I am getting the following error when I try to sum a decimal field in
>>>>> a table:
>>>>>
>>>>> Traceback (most recent call last):
>>>>>   File "C:\w2p\web2py22004py3\gluon\restricted.py", line 219, in restricted
>>>>>     exec(ccode, environment)
>>>>>   File "C:/w2p/web2py22004py3/applications/scanpak/controllers/default.py", line 1948, in
>>>>>   File "C:\w2p\web2py22004py3\gluon\globals.py", line 430, in
>>>>>     self._caller = lambda f: f()
>>>>>   File "C:/w2p/web2py22004py3/applications/scanpak/controllers/default.py", line 1941, in scanvsdoc
>>>>>     ss = db(ti.DocNum == doc).select(ti.ItemCode, scnqtysum, groupby = ti.ItemCode)
>>>>>   File "C:\w2p\web2py22004py3\gluon\packages\dal\pydal\objects.py", line 2634, in select
>>>>>     return adapter.select(self.query, fields, attributes)
>>>>>   File "C:\w2p\web2py22004py3\gluon\packages\dal\pydal\adapters\base.py", line 874, in select
>>>>>     colnames, sql = self._select_wcols(query, fields, **attributes)
>>>>>   File "C:\w2p\web2py22004py3\gluon\packages\dal\pydal\adapters\base.py", line 768, in _select_wcols
>>>>>     query = self.expand(query, query_env=query_env)
>>>>>   File "C:\w2p\web2py22004py3\gluon\packages\dal\pydal\adapters\base.py", line 487, in _expand
>>>>>     rv = op(first, second, **optional_args)
>>>>>   File "C:\w2p\web2py22004py3\gluon\packages\dal\pydal\dialects\base.py", line 406, in eq
>>>>>     self.expand(second, first.type, query_env=query_env),
>>>>>   File "C:\w2p\web2py22004py3\gluon\packages\dal\pydal\dialects\__init__.py", line 97,

[web2py] Re: sum decimal error?

2020-09-14 Thread villas
Hi Denes
Now that you are making things work on the command line, you should be able
to figure it out.
Maybe you don't need a groupby.
Maybe you have a non-integer value in one of the fields (yes, this kind of
thing could happen on SQLite). An integer saved as a string will be
converted to an int, but for example 'A1234' would clearly not work. Your
data could turn out to be the problem but problems and bugs can be DB
specific too.
Keep experimenting!  
Best wishes.


[web2py] Re: Sessions management and Firefox language

2020-09-14 Thread Nicolas Hiblot
Dear Clemens 

Sorry for the late answer... it was my birthday on Sunday...
Well,

My web2py application has a combo box with a lot of languages for a
language choice
with a T.force(configuration.language)
so the user can change the language of the web2py application: no problem

My problem is
On the login page: there is no translation because I use a web2py_user_form
(no translation)
So the translation is made by Firefox and not by web2py (only for this
page)

If I change the Firefox language: the language is OK on the login page
but all the properties of my other pages crash
because of an error in

lastUserLogged = db(db.auth_event.description.contains('connect')).select(orderby=~db.auth_event.time_stamp, limitby=(0, 1)).first().user_id
or
lastUserName = db(db.auth_user.id == lastUserLogged).select(db.auth_user.username).first().username

because of the modification in Firefox...


On Thursday, September 10, 2020 at 12:21:24 PM UTC+2, Clemens wrote:

> Well then, here's the solution that I'm using for the user to decide the 
> language by him/herself:
> auth.settings.extra_fields['auth_user']= [
> ...
> Field('lang', length=2, label=T('Language'), requires = IS_IN_SET(('EN', 'DE')), default='EN'),
> ... ]
> *(There the user can decide whether to use English or German)*
>
> By this, the user can maintain the language in his/her profile.
>
> Then, in each controller I force the translator to the user's language by:
> T.force(auth.user.lang)
>
> That's my favorite. I first thought, you would like to have automatic 
> language selection by the browser. But letting the user to decide has the 
> further advantage, that e.g. a German user working with an English browser 
> can still have a German user interface.
>
> Is this, what you are looking for?
>
> Best regards
> Clemens
>
>
> On Thursday, September 10, 2020 at 12:04:13 PM UTC+2 lapin...@gmail.com 
> wrote:
>
>> Dear All; 
>>
>> Another solution should be the integration of the translation in the 
>> native web2py_user_form 
>> Is it possible ? 
>>
>> On Thursday, September 10, 2020 at 11:50:33 AM UTC+2, Nicolas Hiblot wrote:
>>
>>> Thanks for your answer Clemens,
>>> My problem is: I cannot control what the final user can do with its
>>> Firefox
>>> So I would like to solve the problem directly with web2py
>>> Because
>>>
>>> 1) I'm in native language: it works perfectly. User is Utilisateur in
>>> French
>>> 2) I put English, German etc. on a French Firefox installation:
>>> Utilisateur become sUser but when I'm login into my application: it does
>>> not work
>>> 3) I choose French: it works again
>>>
>>> So Firefox change is correct on my side
>>> but queries of lastUserLoggued are not...
>>>
>>> Maybe I make something wrong in
>>>
>>>
>>> lastUserLogged = db(db.auth_event.description.contains('connect')).select(orderby=~db.auth_event.time_stamp, limitby=(0, 1)).first().user_id
>>> or
>>> lastUserName = db(db.auth_user.id == lastUserLogged).select(db.auth_user.username).first().username
>>>
>>> Regards
>>>
>>> Nicolas 
>>> On Thursday, September 10, 2020 at 10:59:51 AM UTC+2, Clemens wrote:
>>>
>>>> From
>>>> https://blog.mozilla.org/l10n/2019/04/02/changing-the-language-of-firefox-directly-from-the-browser/
>>>>
>>>> *Language Settings*
>>>>
>>>> *In Firefox there are two main user facing settings related to languages:*
>>>>
>>>> - *Web content: when you visit a web page, the browser will communicate to the server which languages you’d like to see content in. Technically, this is done by sending an Accept-Language HTTP header, which contains a list of locale codes in the user’s preferred order.*
>>>> - *User interface: the language in which you want to see the browser (menus, preferences, etc.).*
>>>>
>>>> *The difference between the two is not as intuitive as it might seem. A lot of users change the web content settings, and expect the user interface to change.*
>>>>
>>>> There you can see how to handle this. Hope, it helps!
>>>>
>>>>
>>>> On Thursday, September 10, 2020 at 10:37:40 AM UTC+2 lapin...@gmail.com wrote:
>>>>
>>>>> Hello All,
>>>>>
>>>>> I will try to present my problem simply:
>>>>> I have a web2py application with a very simply homepage user.html
>>>>>
>>>>> User and Password labels & Login Button are automatically
>>>>> translated by Firefox
>>>>> in Firefox the detected language
>>>>>
>>>>> If a user enter login / password
>>>>> I check user permissions and I show HTML page according to its
>>>>> permissions
>>>>> by using some code already test as:
>>>>>
>>>>> lastUserLogged = db(db.auth_event.description.contains('connect')).select(orderby=~db.auth_event.time_stamp, limitby=(0, 1)).first().user_id
>>>>>
>>>>> and
>>>>>
>>>>> lastUserName = db(db.auth_user.id ==
>>>>> lastUserLogg