All my applications are REST so CAS doesn't work I think El dic. 30, 2015 7:19 PM, "Dave S" <snidely....@gmail.com> escribió:
> On Wednesday, December 30, 2015 at 2:33:46 PM UTC-8, > luis.va...@metamaxzone.com wrote: >> >> What if i've two different applications (event in two differents >> machines) one for the front end of my site (all my views, form, etc...) and >> other to authenticate my users, i mean, a micro service architecture. >> > > Does the web2py CAS support help with this? Assuming you're investigating > the JWT support. > > <URL: > http://web2py.com/books/default/chapter/29/09/access-control#Central-Authentication-Service > > > > /dps > > > >> >> El jueves, 24 de diciembre de 2015, 10:51:42 (UTC-4:30), Massimo Di >> Pierro escribió: >>> >>> web2py 2.13.3 is out. MERRY CHRISTMAS EVERYBODY!!! >>> >>> It contains some bug fixes for bugs introduced in 2.13.1-2 and most >>> importantly it contains experimental support for JWT. Here is how it works: >>> >>> 1) instantiate auth with >>> >>> auth = Auth(db, jwt = {'secret_key':'secret'}) >>> >>> where 'secret' is your own secret string. >>> >>> 2) Secorate functions that require login but should accept the >>> JWT token credentials: >>> >>> @auth.allows_jwt() >>> @auth.requires_login() >>> def myapi(): return 'hello %s' % auth.user.email >>> >>> Notice jwt is allowed but not required. if user is logged in, >>> myapi is accessible. >>> >>> 3) Use it! >>> Now API users can obtain a token with >>> >>> http://.../app/default/user/jwt?username=...&password=.... >>> >>> (returns json object with a token attribute) >>> API users can refresh an existing token with >>> >>> http://.../app/default/user/jwt?token=... >>> >>> they can authenticate themselves when calling http:/.../myapi by >>> injecting a header >>> >>> Authorization: Bearer <the jwt token> >>> >>> Any additional attributes in the jwt argument of Auth() below: >>> >>> auth = Auth(db, jwt = {...}) >>> >>> are passed to the constructor of class AuthJWT. Look there for >>> documentation. >>> >>> Thanks Niphlod again for implementing this. >>> Please help us check it so we will declare it stable in the next release. >>> >>> Massimo >>> >>> >>> -- > Resources: > - http://web2py.com > - http://web2py.com/book (Documentation) > - http://github.com/web2py/web2py (Source code) > - https://code.google.com/p/web2py/issues/list (Report Issues) > --- > You received this message because you are subscribed to a topic in the > Google Groups "web2py-users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/web2py/NUDpOmGLDTQ/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > web2py+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
