This is what you need: http://web2py.readthedocs.io/en/latest/tools.html#gluon.tools.Auth.jwt
Json Web Token , communications to services "rest" .. I think that facilitates your work Em quarta-feira, 28 de setembro de 2016 08:57:59 UTC-3, Lisandro escreveu: > > Hi there! > I have a web2py app that implements a JSON-RPC public webservice, over > HTTPS. > It's public as it doesn't require user and password to authenticate. > > However, the webservice is only consumed by a set of other applications > that I manage. > So I would like those apps to use a key in order to connect to the > webservice. > I'm trying to do such thing with a custom decorator, but I can't make it > work. > > This is what I have: > > from gluon.tools import Service > > > service = Service() > > > def validate_key(): > return True > > > @auth.requires(lambda: validate_key()) > def call(): > session.forget() > return service() > > > @service.jsonrpc > def test(): > return 'test ok' > > > > But when I try to connect to the webservice, I receive this error: > > ProtocolError: <ProtocolError for dev.medios/ws/call/jsonrpc: 303 SEE OTHER> > > > I'm not sure if what I'm tying to do is possible in that way. > I know that I can apply the @auth.requires_login() decorator to the call() > method, but that would force me to create users for every app using the > webservice, and that's not wat I want. I would like to simply generate a > key for every app that needs to use the webservice, and then ask the > applications to use that key (either in the call to connect to the > webservice, or in every call to any method of the webservice). > > What would be the correct approach? > Thanks in advance. > Regards, > Lisandro. > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
