Hi! It seems, that ajax_login isn't exist yet? if not user: self.log_event(self.messages['login_failed_log'], request.post_vars) # invalid login session.flash = self.messages.invalid_login callback(onfail, None) redirect( self.url(args=request.args, vars=request.get_vars), client_side=settings.client_side)
On Saturday, March 2, 2013 at 5:46:53 PM UTC+3, Phyo Arkar wrote: > > If you worry about your credentials visibility over the wire , SSL. > If you worry about your credentials visibility on the screen , None > actually. > > On Sat, Mar 2, 2013 at 5:54 AM, Alan Etkin <spam...@gmail.com > <javascript:>> wrote: > >> +1 for auth,ajax_login() >> >> >> I'm also interested in a bare ajax login feature, but, what about the >> security risks of passing credentials with javascript in the background? >> What are the issues to take in account for that feature? I there any >> standard way of securing the passwords and other sensible data that can be >> used? >> >> -- >> >> --- >> You received this message because you are subscribed to the Google Groups >> "web2py-users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to web2py+un...@googlegroups.com <javascript:>. >> For more options, visit https://groups.google.com/groups/opt_out. >> >> >> > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.