[web2py] Re: Routes.py not working with auth dialogs

Mon, 20 Jan 2014 09:26:25 -0800 

I think I have found the underlying problem in tools.py, but I'm not sure 
it is even fixable.

The issue is that routes.py only works if you use the URL() function, but 
the decorator @auth.requires_login doesn't use the URL function when it 
presets the "next" field.  So everything works consistently except the 
"next" after logon, which always fails because (in my case) it contains the 
application name.  Here is the relevant part of the decorator:

    def requires(self, condition, requires_login=True, otherwise=None):
        """
        decorator that prevents access to action if not logged in
        """

        def decorator(action):

            def f(*a, **b):

                basic_allowed, basic_accepted, user = self.basic()
                user = user or self.user
                if requires_login:
                    if not user:
                        . . .
                        else:
                            next = self.here()
                            current.session.flash = current.response.flash
                            return call_or_redirect(
                                self.settings.on_failed_authentication,
                                self.settings.login_url +
                                    '?_next=' + urllib.quote(next))

                if callable(condition):
                    flag = condition()
                else:
                    flag = condition
                if not flag:
                    current.session.flash = self.messages.access_denied
                    return call_or_redirect(
                        self.settings.on_failed_authorization)
                return action(*a, **b)
            f.__doc__ = action.__doc__
            f.__name__ = action.__name__
            f.__dict__.update(action.__dict__)
            return f

        return decorator


I'm not sure this is even "fixable" since it would require 
reverse-engineering a string back into the format desired for URL().  In 
the short term, I fixed it by overriding the "next=" variable on the 
creation of the login dialog box.  This is from my default controller, and 
it works as expected:

def user():
    cmd=request.url.split('/')[-1]
    if cmd=='register':
        . . .
        
    elif cmd=='login':
        return dict(form=auth.login(next=URL('register','index')))
    return dict(form=auth())


 

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to