Just for posterity's sake, I put the check into a custom decorator and used
that new decorator instead:
def requires_login(function):
def check_is_logged_in(*args, **kwargs):
if not auth.is_logged_in():
raise HTTP(401, json.dumps(dict(content='Unauthorized.')))
return function(*args, **kwargs)
return check_is_logged_in
@request.restful()
@requires_login
def function():
...
Thanks again for the help, Leonel.
Henry
On Thursday, September 4, 2014 11:22:41 AM UTC-7, Henry Nguyen wrote:
>
> That is definitely a viable option... not as clean as the decorator but
> certainly functional. Thank you Leonel :)
>
> Henry
>
> On Thursday, September 4, 2014 11:17:47 AM UTC-7, Leonel Câmara wrote:
>>
>> Ohh, in this case, instead of modifying tools.py I would drop the
>> auth.requires_login() decorator and use auth.is_logged_in to check inside
>> the function. Something like:
>>
>>
>> @request.restful()
>> def api():
>> def GET(*args,**vars):
>> return dict()
>> def POST(*args,**vars):
>> return dict()
>> def PUT(*args,**vars):
>> return dict()
>> def DELETE(*args,**vars):
>> return dict()
>>
>> if not auth.is_logged_in():
>> raise HTTP(403, YOUR_JSON_ERROR)
>> return locals()
>>
>>
>>
>>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
