Re: [web2py] py4web jwt ?

[Kevin Keller]

What are the current files that would need to be fixed to be pyjwt 2
compatible?

auth and form no?

Anything else?


[image: cloudHQ]  Powered by
cloudHQ 

Am Mo., 1. März 2021 um 09:02 Uhr schrieb Nico Zanferrari <
nicoz...@gmail.com>:

> BTW,
>
> in fact JWT  is cited here :
> https://py4web.com/_documentation/static/en/chapter-04.html#sessions -
> and I'm even currently working for expanding it ;-)
>
> Nico
>
> Il giorno ven 26 feb 2021 alle ore 19:55 Richard Vézina <
> ml.richard.vez...@gmail.com> ha scritto:
>
>> Thanks
>>
>> On Fri, Feb 26, 2021 at 1:43 PM Kevin Keller  wrote:
>>
>>> Look for the email thread with the following title in the py4web google
>>> group and you ll find a way:
>>>
>>> Sample Code simple JWT Auth for pydal API
>>>
>>>
>>> in the
>>>
>>>
>>> [image: cloudHQ]  Powered by
>>> cloudHQ 
>>>
>>> Am Fr., 26. Feb. 2021 um 19:39 Uhr schrieb Richard Vézina <
>>> ml.richard.vez...@gmail.com>:
>>>
 UP!

 Is py4web has jwt token mechanism??

 Evaluating py4web currently (yes getting back to good stuff loved
 web2py and pydal)...

 I would need py4web to support jwt (https://jwt.io/). I recall that
 been implement in web2py

 Not found anything in the doc about it :
 https://py4web.com/_documentation/static/en/chapter-11.html

 Thanks

 Richard

 On Thu, Feb 20, 2020 at 2:19 PM Val K  wrote:

> As I know py2web already stores _session_token as jwt, no?
>
> On Thursday, February 20, 2020 at 10:00:00 PM UTC+3, Kevin Keller
> wrote:
>>
>> With a Spa the routing is done in Javascript in the Browser.
>>
>> So Javascript or Vue / React etc need. To check if the user has a
>> access or id_token and if not redirect to the login page to obtain it.
>>
>> Doing crud and be able to secure those crud rest routes will be
>> critical for productivity.
>>
>> So we need a simple jwt token minting engine that at least can spit
>> out a access token for prototyping and and easy way to switch over to 
>> other
>> IAM solutions with py4web for production that can do the token minting.
>>
>> That is something I am currently working on the whole oidc auth part
>> make it easy and I also want to make it available for web2py.
>>
>> I have updated and got the oauth2 login provider working with Okta
>> yesterday and web2py.
>>
>> Will share this. Code asap and sent a push to git to have that
>> provider updated and at some providers for different IAM solutions for 
>> both
>> web2py and py4web going forward.
>>
>> Will try to share an example with py4web asap once I have something
>> working.
>>
>> Will probaly be on the. Weekend.
>>
>>
>>
>>
>>
>>
>> On Thu, 20 Feb 2020, 10:42 Val K,  wrote:
>>
>>> check request.content_type - is that 'application/json' ?
>>>
>>> On Thursday, February 20, 2020 at 9:28:43 PM UTC+3, Ramos wrote:

 getting this from py4web as an api.
 [image: image.png]
 Is not what i would like to see from a SPA standpoint.

 Regards
 António


 Em qui., 20 de fev. de 2020 às 18:03, Val K 
 escreveu:

> It seems it depends on request.content_type
>
> https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35
>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google
> Groups "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to web...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com
> .
>
 --
>>> Resources:
>>> - http://web2py.com
>>> - http://web2py.com/book (Documentation)
>>> - http://github.com/web2py/web2py (Source code)
>>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "web2py-users" group.
>>> To unsubscribe from this group and stop receiving emails from it,
>>> send an email to web...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/web2py/77ac539d-a83e-4931-ae79-424c3a4711fd%40googlegroups.com
>>> 

Re: [web2py] py4web jwt ?

[Nico Zanferrari]

BTW,

in fact JWT  is cited here :
https://py4web.com/_documentation/static/en/chapter-04.html#sessions - and
I'm even currently working for expanding it ;-)

Nico

Il giorno ven 26 feb 2021 alle ore 19:55 Richard Vézina <
ml.richard.vez...@gmail.com> ha scritto:

> Thanks
>
> On Fri, Feb 26, 2021 at 1:43 PM Kevin Keller  wrote:
>
>> Look for the email thread with the following title in the py4web google
>> group and you ll find a way:
>>
>> Sample Code simple JWT Auth for pydal API
>>
>>
>> in the
>>
>>
>> [image: cloudHQ]  Powered by
>> cloudHQ 
>>
>> Am Fr., 26. Feb. 2021 um 19:39 Uhr schrieb Richard Vézina <
>> ml.richard.vez...@gmail.com>:
>>
>>> UP!
>>>
>>> Is py4web has jwt token mechanism??
>>>
>>> Evaluating py4web currently (yes getting back to good stuff loved web2py
>>> and pydal)...
>>>
>>> I would need py4web to support jwt (https://jwt.io/). I recall that
>>> been implement in web2py
>>>
>>> Not found anything in the doc about it :
>>> https://py4web.com/_documentation/static/en/chapter-11.html
>>>
>>> Thanks
>>>
>>> Richard
>>>
>>> On Thu, Feb 20, 2020 at 2:19 PM Val K  wrote:
>>>
 As I know py2web already stores _session_token as jwt, no?

 On Thursday, February 20, 2020 at 10:00:00 PM UTC+3, Kevin Keller wrote:
>
> With a Spa the routing is done in Javascript in the Browser.
>
> So Javascript or Vue / React etc need. To check if the user has a
> access or id_token and if not redirect to the login page to obtain it.
>
> Doing crud and be able to secure those crud rest routes will be
> critical for productivity.
>
> So we need a simple jwt token minting engine that at least can spit
> out a access token for prototyping and and easy way to switch over to 
> other
> IAM solutions with py4web for production that can do the token minting.
>
> That is something I am currently working on the whole oidc auth part
> make it easy and I also want to make it available for web2py.
>
> I have updated and got the oauth2 login provider working with Okta
> yesterday and web2py.
>
> Will share this. Code asap and sent a push to git to have that
> provider updated and at some providers for different IAM solutions for 
> both
> web2py and py4web going forward.
>
> Will try to share an example with py4web asap once I have something
> working.
>
> Will probaly be on the. Weekend.
>
>
>
>
>
>
> On Thu, 20 Feb 2020, 10:42 Val K,  wrote:
>
>> check request.content_type - is that 'application/json' ?
>>
>> On Thursday, February 20, 2020 at 9:28:43 PM UTC+3, Ramos wrote:
>>>
>>> getting this from py4web as an api.
>>> [image: image.png]
>>> Is not what i would like to see from a SPA standpoint.
>>>
>>> Regards
>>> António
>>>
>>>
>>> Em qui., 20 de fev. de 2020 às 18:03, Val K 
>>> escreveu:
>>>
 It seems it depends on request.content_type

 https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35

 --
 Resources:
 - http://web2py.com
 - http://web2py.com/book (Documentation)
 - http://github.com/web2py/web2py (Source code)
 - https://code.google.com/p/web2py/issues/list (Report Issues)
 ---
 You received this message because you are subscribed to the Google
 Groups "web2py-users" group.
 To unsubscribe from this group and stop receiving emails from it,
 send an email to web...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com
 .

>>> --
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> ---
>> You received this message because you are subscribed to the Google
>> Groups "web2py-users" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to web...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/web2py/77ac539d-a83e-4931-ae79-424c3a4711fd%40googlegroups.com
>> 
>> .
>>
> --
 Resources:
 - http://web2py.com
 - http://web2py.com/book (Documentation)
 - http://github.com/web2py/web2py (Source code)
 - https://code.google.com/p/web2py/issues/list (Report Issues)
 ---
 You received this message because you are subscribed to the Google
 Groups "web2py-users" group.
 To 

Re: [web2py] py4web jwt ?

[Richard Vézina]

Thanks

On Fri, Feb 26, 2021 at 1:43 PM Kevin Keller  wrote:

> Look for the email thread with the following title in the py4web google
> group and you ll find a way:
>
> Sample Code simple JWT Auth for pydal API
>
>
> in the
>
>
> [image: cloudHQ]  Powered by
> cloudHQ 
>
> Am Fr., 26. Feb. 2021 um 19:39 Uhr schrieb Richard Vézina <
> ml.richard.vez...@gmail.com>:
>
>> UP!
>>
>> Is py4web has jwt token mechanism??
>>
>> Evaluating py4web currently (yes getting back to good stuff loved web2py
>> and pydal)...
>>
>> I would need py4web to support jwt (https://jwt.io/). I recall that been
>> implement in web2py
>>
>> Not found anything in the doc about it :
>> https://py4web.com/_documentation/static/en/chapter-11.html
>>
>> Thanks
>>
>> Richard
>>
>> On Thu, Feb 20, 2020 at 2:19 PM Val K  wrote:
>>
>>> As I know py2web already stores _session_token as jwt, no?
>>>
>>> On Thursday, February 20, 2020 at 10:00:00 PM UTC+3, Kevin Keller wrote:

 With a Spa the routing is done in Javascript in the Browser.

 So Javascript or Vue / React etc need. To check if the user has a
 access or id_token and if not redirect to the login page to obtain it.

 Doing crud and be able to secure those crud rest routes will be
 critical for productivity.

 So we need a simple jwt token minting engine that at least can spit out
 a access token for prototyping and and easy way to switch over to other IAM
 solutions with py4web for production that can do the token minting.

 That is something I am currently working on the whole oidc auth part
 make it easy and I also want to make it available for web2py.

 I have updated and got the oauth2 login provider working with Okta
 yesterday and web2py.

 Will share this. Code asap and sent a push to git to have that provider
 updated and at some providers for different IAM solutions for both web2py
 and py4web going forward.

 Will try to share an example with py4web asap once I have something
 working.

 Will probaly be on the. Weekend.






 On Thu, 20 Feb 2020, 10:42 Val K,  wrote:

> check request.content_type - is that 'application/json' ?
>
> On Thursday, February 20, 2020 at 9:28:43 PM UTC+3, Ramos wrote:
>>
>> getting this from py4web as an api.
>> [image: image.png]
>> Is not what i would like to see from a SPA standpoint.
>>
>> Regards
>> António
>>
>>
>> Em qui., 20 de fev. de 2020 às 18:03, Val K 
>> escreveu:
>>
>>> It seems it depends on request.content_type
>>>
>>> https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35
>>>
>>> --
>>> Resources:
>>> - http://web2py.com
>>> - http://web2py.com/book (Documentation)
>>> - http://github.com/web2py/web2py (Source code)
>>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "web2py-users" group.
>>> To unsubscribe from this group and stop receiving emails from it,
>>> send an email to web...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com
>>> .
>>>
>> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google
> Groups "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to web...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/web2py/77ac539d-a83e-4931-ae79-424c3a4711fd%40googlegroups.com
> 
> .
>
 --
>>> Resources:
>>> - http://web2py.com
>>> - http://web2py.com/book (Documentation)
>>> - http://github.com/web2py/web2py (Source code)
>>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "web2py-users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to web2py+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/web2py/1e3387f6-bf14-406f-9c6b-306a06630961%40googlegroups.com
>>> 
>>> .
>>>
>> --

Re: [web2py] py4web jwt ?

[Kevin Keller]

Look for the email thread with the following title in the py4web google
group and you ll find a way:

Sample Code simple JWT Auth for pydal API


in the


[image: cloudHQ]  Powered by
cloudHQ 

Am Fr., 26. Feb. 2021 um 19:39 Uhr schrieb Richard Vézina <
ml.richard.vez...@gmail.com>:

> UP!
>
> Is py4web has jwt token mechanism??
>
> Evaluating py4web currently (yes getting back to good stuff loved web2py
> and pydal)...
>
> I would need py4web to support jwt (https://jwt.io/). I recall that been
> implement in web2py
>
> Not found anything in the doc about it :
> https://py4web.com/_documentation/static/en/chapter-11.html
>
> Thanks
>
> Richard
>
> On Thu, Feb 20, 2020 at 2:19 PM Val K  wrote:
>
>> As I know py2web already stores _session_token as jwt, no?
>>
>> On Thursday, February 20, 2020 at 10:00:00 PM UTC+3, Kevin Keller wrote:
>>>
>>> With a Spa the routing is done in Javascript in the Browser.
>>>
>>> So Javascript or Vue / React etc need. To check if the user has a access
>>> or id_token and if not redirect to the login page to obtain it.
>>>
>>> Doing crud and be able to secure those crud rest routes will be critical
>>> for productivity.
>>>
>>> So we need a simple jwt token minting engine that at least can spit out
>>> a access token for prototyping and and easy way to switch over to other IAM
>>> solutions with py4web for production that can do the token minting.
>>>
>>> That is something I am currently working on the whole oidc auth part
>>> make it easy and I also want to make it available for web2py.
>>>
>>> I have updated and got the oauth2 login provider working with Okta
>>> yesterday and web2py.
>>>
>>> Will share this. Code asap and sent a push to git to have that provider
>>> updated and at some providers for different IAM solutions for both web2py
>>> and py4web going forward.
>>>
>>> Will try to share an example with py4web asap once I have something
>>> working.
>>>
>>> Will probaly be on the. Weekend.
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Thu, 20 Feb 2020, 10:42 Val K,  wrote:
>>>
 check request.content_type - is that 'application/json' ?

 On Thursday, February 20, 2020 at 9:28:43 PM UTC+3, Ramos wrote:
>
> getting this from py4web as an api.
> [image: image.png]
> Is not what i would like to see from a SPA standpoint.
>
> Regards
> António
>
>
> Em qui., 20 de fev. de 2020 às 18:03, Val K 
> escreveu:
>
>> It seems it depends on request.content_type
>>
>> https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35
>>
>> --
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> ---
>> You received this message because you are subscribed to the Google
>> Groups "web2py-users" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to web...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com
>> .
>>
> --
 Resources:
 - http://web2py.com
 - http://web2py.com/book (Documentation)
 - http://github.com/web2py/web2py (Source code)
 - https://code.google.com/p/web2py/issues/list (Report Issues)
 ---
 You received this message because you are subscribed to the Google
 Groups "web2py-users" group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to web...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/web2py/77ac539d-a83e-4931-ae79-424c3a4711fd%40googlegroups.com
 
 .

>>> --
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "web2py-users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to web2py+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/web2py/1e3387f6-bf14-406f-9c6b-306a06630961%40googlegroups.com
>> 
>> .
>>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You 

Re: [web2py] py4web jwt ?

[Richard Vézina]

UP!

Is py4web has jwt token mechanism??

Evaluating py4web currently (yes getting back to good stuff loved web2py
and pydal)...

I would need py4web to support jwt (https://jwt.io/). I recall that been
implement in web2py

Not found anything in the doc about it :
https://py4web.com/_documentation/static/en/chapter-11.html

Thanks

Richard

On Thu, Feb 20, 2020 at 2:19 PM Val K  wrote:

> As I know py2web already stores _session_token as jwt, no?
>
> On Thursday, February 20, 2020 at 10:00:00 PM UTC+3, Kevin Keller wrote:
>>
>> With a Spa the routing is done in Javascript in the Browser.
>>
>> So Javascript or Vue / React etc need. To check if the user has a access
>> or id_token and if not redirect to the login page to obtain it.
>>
>> Doing crud and be able to secure those crud rest routes will be critical
>> for productivity.
>>
>> So we need a simple jwt token minting engine that at least can spit out a
>> access token for prototyping and and easy way to switch over to other IAM
>> solutions with py4web for production that can do the token minting.
>>
>> That is something I am currently working on the whole oidc auth part make
>> it easy and I also want to make it available for web2py.
>>
>> I have updated and got the oauth2 login provider working with Okta
>> yesterday and web2py.
>>
>> Will share this. Code asap and sent a push to git to have that provider
>> updated and at some providers for different IAM solutions for both web2py
>> and py4web going forward.
>>
>> Will try to share an example with py4web asap once I have something
>> working.
>>
>> Will probaly be on the. Weekend.
>>
>>
>>
>>
>>
>>
>> On Thu, 20 Feb 2020, 10:42 Val K,  wrote:
>>
>>> check request.content_type - is that 'application/json' ?
>>>
>>> On Thursday, February 20, 2020 at 9:28:43 PM UTC+3, Ramos wrote:

 getting this from py4web as an api.
 [image: image.png]
 Is not what i would like to see from a SPA standpoint.

 Regards
 António


 Em qui., 20 de fev. de 2020 às 18:03, Val K 
 escreveu:

> It seems it depends on request.content_type
>
> https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35
>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google
> Groups "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to web...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com
> .
>
 --
>>> Resources:
>>> - http://web2py.com
>>> - http://web2py.com/book (Documentation)
>>> - http://github.com/web2py/web2py (Source code)
>>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "web2py-users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to web...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/web2py/77ac539d-a83e-4931-ae79-424c3a4711fd%40googlegroups.com
>>> 
>>> .
>>>
>> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/web2py/1e3387f6-bf14-406f-9c6b-306a06630961%40googlegroups.com
> 
> .
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/web2py/CAKk5xSzm%3DeCCd24Z0ZXF%3DtikA5Z_GXUet1SDGeEMPGVH%3DdRt1A%40mail.gmail.com.

Re: [web2py] py4web jwt ?

[Val K]

As I know py2web already stores _session_token as jwt, no? 

On Thursday, February 20, 2020 at 10:00:00 PM UTC+3, Kevin Keller wrote:
>
> With a Spa the routing is done in Javascript in the Browser.
>
> So Javascript or Vue / React etc need. To check if the user has a access 
> or id_token and if not redirect to the login page to obtain it.
>
> Doing crud and be able to secure those crud rest routes will be critical 
> for productivity. 
>
> So we need a simple jwt token minting engine that at least can spit out a 
> access token for prototyping and and easy way to switch over to other IAM 
> solutions with py4web for production that can do the token minting. 
>
> That is something I am currently working on the whole oidc auth part make 
> it easy and I also want to make it available for web2py. 
>
> I have updated and got the oauth2 login provider working with Okta 
> yesterday and web2py. 
>
> Will share this. Code asap and sent a push to git to have that provider 
> updated and at some providers for different IAM solutions for both web2py 
> and py4web going forward. 
>
> Will try to share an example with py4web asap once I have something 
> working. 
>
> Will probaly be on the. Weekend. 
>
>
>
>
>
>
> On Thu, 20 Feb 2020, 10:42 Val K, > wrote:
>
>> check request.content_type - is that 'application/json' ?
>>
>> On Thursday, February 20, 2020 at 9:28:43 PM UTC+3, Ramos wrote:
>>>
>>> getting this from py4web as an api. 
>>> [image: image.png]
>>> Is not what i would like to see from a SPA standpoint.
>>>
>>> Regards
>>> António
>>>
>>>
>>> Em qui., 20 de fev. de 2020 às 18:03, Val K  
>>> escreveu:
>>>
 It seems it depends on request.content_type 

 https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35

 -- 
 Resources:
 - http://web2py.com
 - http://web2py.com/book (Documentation)
 - http://github.com/web2py/web2py (Source code)
 - https://code.google.com/p/web2py/issues/list (Report Issues)
 --- 
 You received this message because you are subscribed to the Google 
 Groups "web2py-users" group.
 To unsubscribe from this group and stop receiving emails from it, send 
 an email to web...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com
 .

>>> -- 
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "web2py-users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to web...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/web2py/77ac539d-a83e-4931-ae79-424c3a4711fd%40googlegroups.com
>>  
>> 
>> .
>>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/web2py/1e3387f6-bf14-406f-9c6b-306a06630961%40googlegroups.com.

Re: [web2py] py4web jwt ?

[Kevin Keller]

With a Spa the routing is done in Javascript in the Browser.

So Javascript or Vue / React etc need. To check if the user has a access or
id_token and if not redirect to the login page to obtain it.

Doing crud and be able to secure those crud rest routes will be critical
for productivity.

So we need a simple jwt token minting engine that at least can spit out a
access token for prototyping and and easy way to switch over to other IAM
solutions with py4web for production that can do the token minting.

That is something I am currently working on the whole oidc auth part make
it easy and I also want to make it available for web2py.

I have updated and got the oauth2 login provider working with Okta
yesterday and web2py.

Will share this. Code asap and sent a push to git to have that provider
updated and at some providers for different IAM solutions for both web2py
and py4web going forward.

Will try to share an example with py4web asap once I have something
working.

Will probaly be on the. Weekend.






On Thu, 20 Feb 2020, 10:42 Val K,  wrote:

> check request.content_type - is that 'application/json' ?
>
> On Thursday, February 20, 2020 at 9:28:43 PM UTC+3, Ramos wrote:
>>
>> getting this from py4web as an api.
>> [image: image.png]
>> Is not what i would like to see from a SPA standpoint.
>>
>> Regards
>> António
>>
>>
>> Em qui., 20 de fev. de 2020 às 18:03, Val K  escreveu:
>>
>>> It seems it depends on request.content_type
>>>
>>> https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35
>>>
>>> --
>>> Resources:
>>> - http://web2py.com
>>> - http://web2py.com/book (Documentation)
>>> - http://github.com/web2py/web2py (Source code)
>>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "web2py-users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to web...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com
>>> .
>>>
>> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/web2py/77ac539d-a83e-4931-ae79-424c3a4711fd%40googlegroups.com
> 
> .
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/web2py/CADHCKLTo0Dd0ttzt71c9-ALME%2BeYS0-JkX6nV641eOCbTH780g%40mail.gmail.com.

Re: [web2py] py4web jwt ?

[Val K]

check request.content_type - is that 'application/json' ?

On Thursday, February 20, 2020 at 9:28:43 PM UTC+3, Ramos wrote:
>
> getting this from py4web as an api. 
> [image: image.png]
> Is not what i would like to see from a SPA standpoint.
>
> Regards
> António
>
>
> Em qui., 20 de fev. de 2020 às 18:03, Val K  > escreveu:
>
>> It seems it depends on request.content_type 
>>
>> https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35
>>
>> -- 
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "web2py-users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to web...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com
>> .
>>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/web2py/77ac539d-a83e-4931-ae79-424c3a4711fd%40googlegroups.com.

Re: [web2py] py4web jwt ?

[António Ramos]

getting this from py4web as an api.
[image: image.png]
Is not what i would like to see from a SPA standpoint.

Regards
António


Em qui., 20 de fev. de 2020 às 18:03, Val K  escreveu:

> It seems it depends on request.content_type
>
> https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35
>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com
> .
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/web2py/CAEM0BxMwtYztWzkpacrh9zBdMhU3t1C7budbPu24NkdxXeThww%40mail.gmail.com.

[web2py] py4web jwt ?

[Val K]

It seems it depends on request.content_type 
https://github.com/web2py/py4web/blob/e6b3d5e10e15976af153c4a4e6b349a02fe6c2a9/py4web/utils/auth.py#L35

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/web2py/9608a9ab-d338-4580-9d02-31b9b9a30782%40googlegroups.com.

[web2py] py4web jwt ?

[Val K]

+1 autoredirect should be an option

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/web2py/69e76d33-e2d4-4316-9322-e703a431b4b1%40googlegroups.com.

[web2py] py4web jwt ?

[António Ramos]

this code  from the docs...

@action('index')
@action.uses(auth.user)def index():

return {"ok":1}

Here @action.uses(auth.user) tells py4web that this action requires a
logged in user and should redirect to login if no user is logged in.



this redirect is good for an full web2py app.

What if i have a SPA in vue ?

In case the user is not logged it it should not redirect to login page
because the apps is a outsider vue spa. How to return an error to vue spa ??

regards


António

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/web2py/CAEM0BxNvNyYjk40qBKoUVF6cpD1%3DQuBaBA4b2dD2Rck0emFHoA%40mail.gmail.com.