thank you so much, anthony, the session is not counted anymore when refresh
the login page.
i want to lock failed user login which tried 3 times, redirect to another
pages for several times (5 sec in example below), after that time is
fulfilled reset the counted login attempt. tried using variable but return
an error (reference before assignment), tried using session (no error
occured but the result is not expected (i think session has it's own expire
time) ). how can i achieve it using web2py?
e.g.
"""
login_attempts = 1
def login_attempts(form):
#login_attempts = 1
if login_attempts >= 3 :
test = cache.ram('login_attempts', lambda: login_attempts, time_expire = 5)
if test:
redirect(URL('default', 'test') )
else:
login_attempts = 0
#response.flash = login_attempts
else :
login_attempts += 1
"""
def login_attempts(form):
session.login_attempts = (session.login_attempts or 0) + 1
if session.login_attempts >= 3 :
if cache.ram('login_attempts', lambda: session.login_attempts, time_expire
= 5):
redirect(URL('default', 'test') )
else:
session.login_attempts = 0
#session.forget(response)
auth.settings.login_onfail.append(login_attempts)
thanks and best regards,
stifan
On Wednesday, April 22, 2015 at 8:51:57 PM UTC+7, Anthony wrote:
>
> You shouldn't be calling the callback function when setting the callback
> -- just put the function itself in the list -- web2py will call it at the
> appropriate point. Also, like the other Auth callback settings,
> login_onfail is a list, so you should append to it.
>
> Instead of:
>
> auth.settings.login_onfail = login_attempts()
>
> it should be:
>
> auth.settings.login_onfail.append(login_attempts)
>
> Anthony
>
> On Wednesday, April 22, 2015 at 9:33:32 AM UTC-4, 黄祥 wrote:
>>
>> it seems that the refresh login page, is count as login_onfail and
>> login_onvalidation in web2py default user login form.
>> e.g.
>> *models/db.py*
>> def login_attempts():
>> session.login_attempts = (session.login_attempts or 0) + 1
>> if session.login_attempts >= 3 :
>> #cache.ram('login_attempts', lambda: session.login_attempts, time_expire
>> = 5)
>> response.flash = session.login_attempts
>>
>> #auth.settings.login_onfail = login_attempts()
>> auth.settings.login_onvalidation = [login_attempts()]
>>
>> *views/default/user.html add response toolbar*
>> {{=response.toolbar()}}
>>
>> 1. when i hit refresh https://127.0.0.1/test/default/user/login, the
>> session is added by 1
>> 2. when i try to input the wrong login, the sessions added by 2 (1 added
>> by failure, n 1 added by refreshing the login form, i guess)
>>
>> trying to use login_onfail and login_onvalidation got the same result.
>> is it normal behaviour, or i have the wrong steps?
>>
>> thanks and best regards,
>> stifan
>>
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
