here is the link : <script> window.location.href = '{{=URL('CS','close_inqueries',user_signature=True)}}' + '&' + data; </script>
and here is the controler: def close_inqueries(): print request.vars print '-'*20 print session and here is the result: <Storage {'_signature': '180b1866f14c585f249ee0a3d8b74778e1ff79a0', 'Sea-24': 'on'}> -------------------- <Storage {'_user_agent': {'os': {'name': 'Linux'}, 'is_tablet': False, 'is_mobile': False, 'dist': {'name': 'Ubuntu'}, 'browser': {'version': '19.0', 'name': 'Firefox'}}, '_auth_next': None, 'flash': None, 'user_type': 'CS', 'auth': <Storage {'hmac_key': 'bbdd4f5d-2cfa-4ee8-a7b4-c08a3b7874ee', 'remember': False, 'last_visit': datetime.datetime(2013, 3, 27, 11, 48, 35, 442411), 'expiration': 3600, 'user': <Row {'first_name': 'ali', 'last_name': 'naghi', 'registration_id': '', 'email': 'a...@naghi.com', 'reset_password_key': '', 'registration_key': '', 'id': 4}>, 'user_groups': {3: 'user_4'}}>, 'nickname': 'ali', '_session_hash': 'c55603687a5f7482dda9b0d85a7a78e1', '_formkey[login]': 'c8974fec-1b1d-4c47-9f5c-dbd4c765542c'}> as you see _signature and hmac_key have different values and i think this is the reason i get non authorized alert when i add @auth.requires_signature() to controller. what is the correct way to do this? -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.