Yes, that could be the solution. Atleast as this only a temporary (I
really, really hope so) way of doing this.
Thank you.
Kenneth
I guess you could have wordpress set a cookie of some sort if they
have access, and then use that cookie in web2py to control access.
On Thursday, February 7, 2013 11:13:41 AM UTC-7, Kenneth wrote:
Hi Michael,
Am I understanding you solution completly wrong but isn't it so
that web2py asks WP if a username and password compination is OK.
In my case customer first logs into a WP site, he gets a list of
manuals he has paid for. When selecting a manual he wants to read
he is sent to a web2py site. Somehow WP has to tell web2py that it
is OK to show the site for the user.
Kenneth
Hello Kenneth,
But how do I handle that WP takes care of authentication and
somehow gives the customer rights to view the manual.
I had a similar problem. I added an XMLRPC method to my wordpress
instance to check if a given username/password combination is
valid and added an auth method to my web2py instance which calls
that XMLRPC method.
Wordpress Code:
|
# custom remote auth
add_filter('xmlrpc_methods','my_add_xml_rpc_methods');
functionmy_add_xml_rpc_methods($methods ){
$methods['mh.testCredentials']='test_credentials';
return$methods;
}
functiontest_credentials($params ){
global$wp_xmlrpc_server;
$blog_id =(int)$params[0];// not used, but follow in the form
of the wordpress built in XML-RPC actions
$username =$params[1];
$password =$params[2];
$args =$params[3];
// verify credentials
if(!$wp_xmlrpc_server->login($username,$password )){
returnFalse;
}
do_action('xmlrpc_call','mh.testCredentials');// patterned on
the core XML-RPC actions
// return success
returnTrue;
}
|
This is one of the tutorials I used when coming up with this:
http://www.foxrunsoftware.net/articles/wordpress/extending-the-wordpress-xml-rpc-api/
<http://www.foxrunsoftware.net/articles/wordpress/extending-the-wordpress-xml-rpc-api/>
Now the web2py part - copy to
./gluon/contrib/login_methods/my_auth.py
|
fromwordpress_xmlrpc importClient
fromwordpress_xmlrpc importAuthenticatedMethod
fromwordpress_xmlrpc importInvalidCredentialsError
classGetUserInfo(AuthenticatedMethod):
method_name ="mh.testCredentials"
defmy_auth(server):
"""
to use basic login with a different server
from gluon.contrib.login_methods.basic_auth import basic_auth
auth.settings.login_methods.append(basic_auth('http://server
<http://server>'))
"""
defbasic_login_aux(username,
password,server=server):
wp =Client(server,username,password)
retVal =None
try:
retVal =wp.call(GetUserInfo())
exceptInvalidCredentialsError:
returnFalse
returnretVal
returnbasic_login_aux
|
Now, where you configure your auth module, add this:
|
fromgluon.contrib.login_methods.my_auth importmy_auth
auth.settings.login_methods=[my_auth("http://mywordpress/xmlrpc.php";
<http://mywordpress/xmlrpc.php>)]# smart people use https
auth.settings.actions_disabled.append('register')
|
--
---
You received this message because you are subscribed to the
Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected] <javascript:>.
For more options, visit https://groups.google.com/groups/opt_out
<https://groups.google.com/groups/opt_out>.
--
---
You received this message because you are subscribed to the Google
Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
--
---
You received this message because you are subscribed to the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
