session.forget() does not clear the session or stop the cookie from being
exchanged -- it just prevents any changes in the session from being written
to the persistent session storage.
I'm not sure, but maybe your webclient test doesn't work because the test
first calls /index and then immediately does a post to the /user/register
action, but because you have session.forget() in the index function, no
session is created at all. What happens if you try a test that visits at
least one action (without session.forget) before attempting to
register/login?
Anthony
On Sunday, October 9, 2016 at 8:23:37 AM UTC-4, Mathieu Clabaut wrote:
>
> Hello,
>
> I'm looking for a deeper understanding on how session and
> `session.forget` works. More precisely, I was wondering if the
> authentication would survive a `session.forget` call.
> So, I add `session.forget` at the beginning of the default/index
> controller, and everything seems to go fine when manually testing in a web
> browser (i.e., once logged, the user stay logged even after visiting
> default/index).
> However, when testing with webclient, the same action failed, and the
> user is now logged out after visiting default/index. You can try by
> applying the following patch on the last mercurial head :
> ```diff
> diff --git a/applications/welcome/controllers/default.py
> b/applications/welcome/controllers/default.py
> index 87c6d55..7d8b06a 100644
> --- a/applications/welcome/controllers/default.py
> +++ b/applications/welcome/controllers/default.py
> @@ -17,10 +17,15 @@ def index():
> if you need a simple wiki simply replace the two lines below with:
> return auth.wiki()
> """
> + session.forget(response)
> response.flash = T("Hello World")
> return dict(message=T('Welcome to web2py!'))
>
>
> [email protected]_login()
> +def logged_action():
> + return dict(res=auth.user)
> +
> def user():
> """
> exposes:
> diff --git a/gluon/tests/test_web.py b/gluon/tests/test_web.py
> index 4a3ef3b..4f0886f 100644
> --- a/gluon/tests/test_web.py
> +++ b/gluon/tests/test_web.py
> @@ -88,7 +88,9 @@ class TestWeb(LiveTest):
>
> # check registration and login were successful
> client.get('index')
> + self.assertTrue('Welcome Homer' in client.text)
>
> + client.get('logged_action')
> self.assertTrue('Welcome Homer' in client.text)
>
> client = WebClient('http://127.0.0.1:8000/admin/default/')
>
> ```
>
> and run the test with:
> ```
> python2 -m unittest -v gluon.tests.test_web
> ```
>
> Some questions follow:
> - how can a logged-in user stay logged after visiting a page which does a
> `session.forget` (I guess there are some cookies into the play) ?
> - is the observed behaviour of`webclient` expected ? If not, what shall
> `webclient` do to mimic the behaviour of a web browser.
>
> Thank you for sharing your insights.
>
> -Mathieu
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
