I am using version 2.6.4 on Windows 7 machine and having a problem with using user_signature and auth.requires_signature.
I am using SQLFORM.grid to display a list of scenarios created by the logged-in user. I included an additional button "Results", which calls another function "calculate" and passing the row.id. This works fine but the logged-in user can simply type an url like "http://127.0.0.1:8000/test/default/calculate/12"; and view results from other users' scenarios. @auth.requires_login() def listscenarios(): query = (db.scenario.created_by == auth.user.id) grid = SQLFORM.grid(query, links = [lambda row: A('Results', _class='btn' , _href=URL("default","calculate", args=[row.id]))],csv=False, oncreate= scenario_create) return dict(grid=grid) def calculate(): if not request.args(0): return '' else: ## do the required calculations redirect(URL('voltageprofile')) By reading the book and searching the group, I decorated the functions with user_signature and auth.requires_signature. But, now I get "Not authorized" page for all users. @auth.requires_login() def listscenarios(): query = (db.scenario.created_by == auth.user.id) grid = SQLFORM.grid(query, links = [lambda row: A('Results', _class='btn' , _href=URL("default","calculate", args=[row.id]),user_signature=True,hash_vars =True)],csv=False, oncreate=scenario_create) return dict(grid=grid) @auth.requires_signature() def calculate(): if not request.args(0): return '' else: ## do the required calculations redirect(URL('voltageprofile')) Please help in correctly implementing this. Thanks, PT -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
