I have decided to use validate_and_insert with web2py's REST methods db.auth_user.validate_and_insert(**fields)
Testing so far, I was able to add a user even though the email and password fields were empty in the POST call. I altered my api action so that it checks whether or not the email and password fields in the request are empty. All other validators seem to be working fine. If anyone has previous experience with validate_and_insert with the auth_user table, and knows of any registration holes this way, please let me know! On Tuesday, January 22, 2013 6:50:06 PM UTC-8, Mark Li wrote: > > I am currently using web2py's auth to return a registration form. > > However, I would also like users to be able to register RESTfully, with > the email and password information in a POST call. How would I write a > register action that mimics auth.register(), except the information is from > a POST, not a form. > --
