Hello,
I'm looking for a deeper understanding on how session and `session.forget`
works. More precisely, I was wondering if the authentication would survive
a `session.forget` call.
So, I add `session.forget` at the beginning of the default/index
controller, and everything seems to go fine when manually testing in a web
browser (i.e., once logged, the user stay logged even after visiting
default/index).
However, when testing with webclient, the same action failed, and the user
is now logged out after visiting default/index. You can try by applying
the following patch on the last mercurial head :
```diff
diff --git a/applications/welcome/controllers/default.py
b/applications/welcome/controllers/default.py
index 87c6d55..7d8b06a 100644
--- a/applications/welcome/controllers/default.py
+++ b/applications/welcome/controllers/default.py
@@ -17,10 +17,15 @@ def index():
if you need a simple wiki simply replace the two lines below with:
return auth.wiki()
"""
+ session.forget(response)
response.flash = T("Hello World")
return dict(message=T('Welcome to web2py!'))
[email protected]_login()
+def logged_action():
+ return dict(res=auth.user)
+
def user():
"""
exposes:
diff --git a/gluon/tests/test_web.py b/gluon/tests/test_web.py
index 4a3ef3b..4f0886f 100644
--- a/gluon/tests/test_web.py
+++ b/gluon/tests/test_web.py
@@ -88,7 +88,9 @@ class TestWeb(LiveTest):
# check registration and login were successful
client.get('index')
+ self.assertTrue('Welcome Homer' in client.text)
+ client.get('logged_action')
self.assertTrue('Welcome Homer' in client.text)
client = WebClient('http://127.0.0.1:8000/admin/default/')
```
and run the test with:
```
python2 -m unittest -v gluon.tests.test_web
```
Some questions follow:
- how can a logged-in user stay logged after visiting a page which does a
`session.forget` (I guess there are some cookies into the play) ?
- is the observed behaviour of`webclient` expected ? If not, what shall
`webclient` do to mimic the behaviour of a web browser.
Thank you for sharing your insights.
-Mathieu
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
