everything in auth has underlying defaults to have an entity (usually, the
user) to authenticate. if it's not authenticated, then it's usually
redirected to the login page. see auth.requires signature in deep if you
want to use it as a standard "block this if this condition isn't met"
Thanks Niphlod, nice and clean solution.
I was trying to just that, but I was trying to validate that token using
the decorator @auth.requires(lambda: validate_token()) for the call()
method, but it always returned a 303 code. I also tried with a custom
decorator, with no luck.
Anyway, your
jwt is the emerging standard for apis and such, but if the usage is
all-internal, why don't you just start simple and do
if request.vars.token not in ('xa', 'bbxb', 'cc'):
raise HTTP(403)
?
On Wednesday, September 28, 2016 at 2:15:19 PM UTC+2, Marlysson Silva wrote:
>
> This
This is what you need:
http://web2py.readthedocs.io/en/latest/tools.html#gluon.tools.Auth.jwt
Json Web Token , communications to services "rest" .. I think that
facilitates your work
Em quarta-feira, 28 de setembro de 2016 08:57:59 UTC-3, Lisandro escreveu:
>
> Hi there!
> I have a web2py app
4 matches
Mail list logo