Re: [web2py] Re: upgrading from 1.95.1 to 1.96.1 breaks cross app authentication

2011-08-03 Thread Heng Zeng Aun 
Thanks. Noted

On Tue, Aug 2, 2011 at 3:58 PM, Anthony abasta...@gmail.com wrote:

 On Tuesday, August 2, 2011 2:30:01 AM UTC-4, zeng wrote:

 Ok, and the next question I may sound like a retard, where to submit
 the ticket?


 Looks like this one is solved, but for future reference, tickets get
 submitted here: http://code.google.com/p/web2py/issues/list.

 Anthony

Re: [web2py] Re: upgrading from 1.95.1 to 1.96.1 breaks cross app authentication

2011-07-22 Thread Heng Zeng Aun 
Good day Massimo,

the following are the snippets:

 AppAuth/models/db.py 
db = DAL('sqlite://storage.sqlite')
session.connect(request, response, db)
auth = Auth(globals(), db)
crud = Crud(globals(), db)
auth.settings.hmac_key = 'sha512:secret key here'
auth.define_tables(username=True)
crud.settings.auth = auth

 AppA/models/db.py 
db = DAL('sqlite://../../appauth/storage.sqlite') # -- yes, point to the db
file in AppAuth
session.connect(request, response, db, masterapp='appauth')
auth = Auth(globals(), db)
auth.define_tables(migrate=False, username=True)
auth.settings.login_url = '/appauth/default/user/login'

 AppA/controllers/default.py 
@auth.requires_login()
def index():
response.view='index.html'
return dict()

@auth.requires_permission('sayhello')
def hello():
response.view='saysomething.html'
return dict(message=T(hello))


The behavior of this in 1.96.1 (and 1.97.1) is that I will be able to login
and view the page provided in AppAuth, but when browse to AppA or AppB, it
will not be able to access it because auth says its not loggin. However all
this works in 1.95.1

If i go into web2py.gluon.tools.Auth and hack current to current =
Storage(globals()) like it used to be in 1.95.1, and things works again.

I'm sure forcing current from threading.local() to something else
definitely is not the correct way of doing this (as i dont know what is the
intention of the current is using for as well : ).

Awaits your input, Many Thanks Massimo.

best,
Zeng

On Thu, Jul 21, 2011 at 8:44 PM, Massimo Di Pierro 
massimo.dipie...@gmail.com wrote:

 This change should not break it. Can you please show us the code that
 breaks and we will check what is going on? It is possible that one of
 the auth modules has not been patched correctly.

 Massimo

 On Jul 21, 11:02 am, zeng zeng...@gmail.com wrote:
  Hey guys,
 
  I'm currently running version 1.95.1 and have 3 application,
  AppAuth, AppA, AppB, AppA and AppB is using AppAuth to
  authenticate logged in user and it has been working great.
 
  After upgrading 1.96.1 and cross app authentication no longer works,
  some debuging lead to:
  - web2py.gluon.tools.Auth 
  self.environment = current
  request = current.request
  session = current.session
  - web2py.gluon.tools.Auth 
 
  and current is a threading.local() in gluon.globals.py !!!
 
  In the good'o 1.95.1 the session and auth object is retrieved from
  global() ,
 
  Question is, why is this changed? this seems to break the backward
  compatibility feature of web2py, and what are the recommended
  solutions now that global() is no longer used?
 
  Thanks!