on_failed_authorization can be a URL or a function.
I'm think I could use this to achieve conditional login redirection.
A use case would be service calls returning a simple string (or a JSON
or an XML reply to non-validated requests), while still allowing for
regular (non-service requests) to be redirected to a login page.
This is useful for command-line clients (as a recent post argues) and
desktops clients, but also to browser based RIA apps (e.g. Pyjamas
based, Flex,...) where session expiration could lead to wanted
redirections (as is mentioned in
http://www.web2pyslices.com/main/slices/take_slice/48 ).
I would see this as something as simple as:
[in models/db.py]
private_service = Service(globals()) # PRIVATE - for json,
xml, jsonrpc, xmlrpc, amfrpc
public_service = Service(globals()) # PUBLIC - for json,
xml, jsonrpc, xmlrpc, amfrpc
...
auth.settings.allow_basic_login = True
def failedAuthHandler():
if request.function == 'private_call':
redirect(URL(f='public_call', args='failed_login'))
else:
redirect(URL(request))
auth.settings.on_failed_authorization = failedAuthHandlerandler
[in controllers/default]
@private_service.jsonrpc
def jsoncount():
return dict(response=response.session_id_name, now=request.now)
@public_service.jsonrpc
def failed_login():
return dict(error='Failed login')
def public_call():
return public_service()
@auth.requires_login()
def private_call():
return private_service()
However, I'm unable to make this code work.
>From the command line, if I issue a call with basic auth, with good
credentials, such as:
>>> import jsonrpc
>>> sv =
>>> jsonrpc.ServiceProxy("http://GOOD_USER:GOOD_PASS@127.0.0.1:8080/json_auth_test/default/private_call/jsonrpc";)
>>> sv.jsoncount()
>>> {'now': '2011-01-30 10:31:21', 'response': 'session_id_json_auth_test'}
But bad credentials don't work as expected:
>>> import jsonrpc
>>> sv =
>>> jsonrpc.ServiceProxy("http://GOOD_USER:BAD_PASS@127.0.0.1:8080/json_auth_test/default/private_call/jsonrpc";)
>>> sv.jsoncount()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File
"/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/site-packages/jsonrpc/proxy.py",
line 43, in __call__
resp = loads(respdata)
File
"/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/site-packages/jsonrpc/json.py",
line 211, in loads
raise JSONDecodeException('Expected []{}," or Number, Null, False or True')
jsonrpc.json.JSONDecodeException: Expected []{}," or Number, Null, False or True
>>>
>From the browser using an url with or without credentials, for both:
.../default/private_call/jsoncount
.../default/public_call/failed_login
I get:
Object does not exist with a Status 404 content header
Am I on the right track?
How could this be achieved?
Txs,
Miguel
