@Massimo - First of all i'm a new web2py user and I'm really enjoying it so far. The only problem I've had so far is I did my database design in a traditional sense before fully understanding the web2py DAL limitations and had to redesign things to fit (no compound keys for example). Overall great job and keep up the awesome work.
Regarding this post, from my perspective I like the default auth behavior and think you just need to integrate Janrain better. The only real difference here is that instead of maintaining credentials locally, you let Janrain handle it (also it's one less password for users to remember). So when registering I imagine you would authenticate via Janrain and then redirect to a registration page that lets you collect additional info for the user if desired (possibly prepopulated via Janrain). Log in would be modified then to somehow verify that the user has already registered before accepting the Janrain token. If the user hasn't registered (even if Janrain accepts their credentials) you redirect to the registration page. Obviously the forgot password functionality would disable automatically. @Anthony - As I said I'm new to web2py and some of the built in stuff is still a black box to me. Could you point me to where the auth code is? Also if I enable Janrain the "register" button disables and I'm not sure where that behavior comes from. Thanks for your help. Dean On Thursday, March 28, 2013 11:39:54 AM UTC-4, Anthony wrote: > > On Thursday, March 28, 2013 11:06:25 AM UTC-4, DeanK wrote: > >> I don't want to have to approve all registrations, but I want to be able >> to control when people can register (basically just because you have a >> gmail account doesn't mean you can sign in and use the service). The web >> app i'm creating is being rolled out to specific people in a controlled >> manner so I need this capability. I was thinking about having some sort of >> "secret early access token" that if you know lets you register before it is >> completely open to all users. > > > Sure, that sounds reasonable. Just have the login function check for the > token in the URL query string (i.e., via request.vars), and if not present, > redirect or return an appropriate message. > > >> Also I do want to have people fill out some additional information after >> the initial Janrain log in. >> > > You can define an auth.settings.login_onaccept function that checks to see > whether the required elements of the profile have been filled out yet, and > if not, redirect to the profile page. > > Anthony > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
