Hi, I'm going to rewrite an API made with webpy into web2py. This API is available only over https and I'd need to use basic auth.
It's an API available only to cmdline clients such as curl, wget and so on. I think there's an error on the documentation (http://www.web2py.com/ book/default/chapter/08#Access-control-and-Basic-authentication) because the settings key is instead allow_basic_login. >From what I read on the docs, to allow only basic authentication, I need to do the following: auth.define_tables(username=True) #to use the name as username instead of the email from gluon.contrib.login_methods.basic_auth import basic_auth #import basic_auth auth.settings.allow_basic_login = True #activate basic auth auth.settings.login_methods = [basic_auth()] #force to use only basic auth and session.forget() in every function in the control. Do I need to do anything else or is this correct ? Right now basic auth is working for curl and wget but if I point to the same url with a browser, I get to http://127.0.0.1:8000/api/v1/up . I'd like web2py to return a 401 error if username and password aren't supplied ...
