I have 2 Web2Py apps, *Provider* and *Accessor*. One allows basic authentication and the other one uses it for logging in. I have turned on username based login instead of e-mail based like this in the db.py of both apps:
auth.define_tables(username=True, signature=False, migrate=True) auth_table = auth.settings.table_user auth_table.username.requires = IS_NOT_IN_DB(db, auth_table.username) auth.define_tables(migrate=False) Then I have used an SQLite editor to add some usernames and passwords to the auth_user table of *Provider*. Trying to log in to this app works from the command line with cURL over http as usual: curl --verbose --user myusername:mypassword http://127.0.0.1:8000/Provider/ If I use an incorrect username and/or password, it fails as expected. But when I try to login from the other Web2Py app, it does not work. In controllers/default.py of *Accessor*, I added: from gluon.contrib.login_methods.basic_auth import basic_auth auth.settings.login_methods = [basic_auth('http://127.0.0.1:8000/Provider/')] And then I use the @auth.requires_login() decorator above the index()method. Now I try to access http://127.0.0.1:8000/Accessor/ and I see the login page. If I use the correct username and password after this, I get in. If I use the correct username and incorrect password, I also get in. If I use a non-existing username and some password, then also I get in. How do I get it right? Also, if there is some example of a basic authentication service being provided by a Web2Py app, I would be obliged to have a link. -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
