Another patch:
In login_cookieless(), after:
session.person_email=rows[0].email
insert this following line:
session._try_store_in_db(request, response) # save changes to the
session
On Sunday, November 25, 2012 7:41:00 AM UTC-6, dlypka wrote:
>
> Sample controller code:
> (This is not production quality code. It is meant only to suggest an
> approach to use).
>
> def isloggedin_cookieless0(self):
> request,response,session,cache,T,db=self._globals()
> retIsLoggedIn = False
> person_id = session.person_id
> retIsLoggedIn = True if person_id else False
> if retIsLoggedIn:
> resmsg = T("OK")
> else:
> resmsg = T("Not Logged In")
> return (retIsLoggedIn, resmsg)
>
> def isloggedin_cookieless(self):
> request,response,session,cache,T,db=self._globals()
>
> session_id_tuple0 = response.session_id # example
> 'None:d602d501-877d-42aa-9b52-0e58a91b8336'
> session_tuple_split = session_id_tuple0.split(':')
> session_record_id = session_tuple_split[0]
> session_guid = session_tuple_split[1]
> if session_record_id == 'None':
> session_record_id_fromweb2py = response.session_record_id
> else:
> session_record_id_fromweb2py = int(session_record_id)
>
> if 'cred' in request.post_vars:
> basic_cred = request.post_vars.cred
> if not basic_cred[:6].lower() == 'basic ':
> basic_cred = 'basic ' + basic_cred
> if not basic_cred or not basic_cred[:6].lower() == 'basic ':
> user = None
> pwd = None
> else:
> import base64
> (user, pwd) = base64.b64decode(basic_cred[6:]).split(':')
> pwdcrypt=CRYPT()(pwd)[0]
> rows=db(db.person.email==user)\
> (db.person.password==pwdcrypt).select()
> if rows:
> session.person_id=rows[0].id
> retIsLoggedIn, resmsg = self.isloggedin_cookieless0()
> result = '{ "IsLoggedIn": "%s", "session_record_id_fromweb2py":"%s",
> "session_guid_fromweb2py":"%s","resmsg": "%s"}' % (retIsLoggedIn,
> session_record_id_fromweb2py, session_guid, resmsg) # Use this if called
> from xmlHttpRequest in Javascript
>
> response.headers['Content-Type'] = 'application/jsonp'
> response.headers['Access-Control-Allow-Origin'] = '*' # CORS
> response.view = 'generic.jsonp' # Using python code in file
> init/views/generic.jsonp to leave data unescaped
> return result
>
> def login_cookieless(self):
> request,response,session,cache,T,db=self._globals()
> resmsg = T("Invalid login credentials")
>
> retIsLoggedIn, resmsg = self.isloggedin_cookieless0()
>
> if retIsLoggedIn:
> resmsg = T("Already Logged In")
>
> if (not retIsLoggedIn) and (request.is_https or
> (request.client=='127.0.0.1')):
> basic_cred = request.post_vars.cred
>
> if not basic_cred or not basic_cred[:6].lower() == 'basic ':
> user = None
> pwd = None
> else:
> import base64
> (user, pwd) = base64.b64decode(basic_cred[6:]).split(':')
>
> pwdcrypt=CRYPT()(pwd)[0]
>
> rows=db(db.person.email==user)\
> (db.person.password==pwdcrypt)\
> (db.person.registration_key=='').select()
> if rows:
> retIsLoggedIn = True
> session.person_id=rows[0].id
> session.person_name=rows[0].name
> session.person_email=rows[0].email
> ressessioncookiename = response.session_id_name
> sessiontuplesplit = response.session_id.split(':')
> session_record_id = sessiontuplesplit[0]
> session_guid = sessiontuplesplit[1]
>
> resmsg = T("Login Successful")
>
> result = '{ "IsLoggedIn":"%s",
> "sessioncookiename_fromweb2py":"%s", "session_record_id_fromweb2py":"%s",
> "session_guid_fromweb2py":"%s", "resmsg":"%s"}' % (retIsLoggedIn,
> ressessioncookiename, session_record_id, session_guid, resmsg) # Use this
> if called from xmlHttpRequest in Javascript
>
> response.headers['Content-Type'] = 'application/jsonp'
> response.headers['Access-Control-Allow-Origin'] = '*' # CORS
> response.view = 'generic.jsonp' # Using python code in file
> init/views/generic.jsonp to leave data unescaped
> return result
>
>
>
>
--
