THE SOLUTION WAS THIS
I wanted to write a web2py slice but i cant seem to login at the moment
maybe i will do it later.
Model
Entries = db.define_table("entries", Field("entry", "text"))
Cities = db.define_table("cities", Field("city", "text"))
Controller
def call():
"""
exposes services. for example:
http://..../[app]/default/call/jsonrpc
decorate with @services.jsonrpc the functions to expose
supports xml, json, xmlrpc, jsonrpc, amfrpc, rss, csv
"""
return service()
auth.settings.allow_basic_login = True
@auth.requires_login()
@request.restful()
def api():
response.view = 'generic.'+request.extension
def GET(*args,**vars):
patterns = 'auto'
parser = db.parse_as_rest(patterns,args,vars)
if parser.status == 200:
return dict(content=parser.response)
else:
raise HTTP(parser.status,parser.error)
def POST(table_name,**vars):
return db[table_name].validate_and_insert(**vars)
def PUT(table_name,record_id,**vars):
return db(db[table_name]._id==record_id).update(**vars)
def DELETE(table_name,record_id):
return db(db[table_name]._id==record_id).delete()
return dict(GET=GET, POST=POST, PUT=PUT, DELETE=DELETE)
from gluon.tools import AuthJWT
import requests
myjwt = AuthJWT(auth, secret_key='secretsddfsdfsd')
#this one receives the credentials and gives you a token refer to
gluon/tools.py 1132 line
def login_and_take_token():
return myjwt.jwt_token_manager()
@myjwt.allows_jwt()
def protected():
return '%s$%s' % (request.now, auth.user_id)
Terminal(Or any Api Consumer)
1. Getting the token:
C: visit the controller login_and_take_token with credentials
*http://127.0.0.1:8008/masterw2p/default/login_and_take_token?username=admin&password=admin*
A:
{"token":
"DF9LCAiZXhwIjogMTQ5ODU2MTk4Ny4wLCAiaG1hY19rZXkiOiAiMWMxNmU5OTYtZmZmMS00MzQwLTkwODYtNjBjZmRmMjExMWU3In0.I8Q0EHiJKssJjNwXfnUEl_GJ0y1lHfBFrxGreJA9-Bg"}
2.Using the token
C: curl -u *username*:*password* -H "Authorization: Bearer
*A2NzA3N2ZmIn0.rsGNBygxFGmzGjCal3m8dz9X2JKck15K0gz_MCMBDRA*"
*http://127.0.0.1:8008/masterw2p/default/api/entries.json*
replace the username,password,url by yours and the as well as the that
weird text with your token
*(Note a token is enough you dont need to pass your username and
password)C2: *curl -H "Authorization: Bearer
*A2NzA3N2ZmIn0.rsGNBygxFGmzGjCal3m8dz9X2JKck15K0gz_MCMBDRA*"
*http://127.0.0.1:8008/masterw2p/default/api/entries.json*
A: The output will be json eg: {"content": [{"entry": "Hello", "id": 1},
{"entry": "It Worked", "id": 2}, {"entry": "oh lala", "id": 3}]}
now on the function with jwt decorator
C: curl -H "Authorization: Bearer
*A2NzA3N2ZmIn0.rsGNBygxFGmzGjCal3m8dz9X2JKck15K0gz_MCMBDRA*"
*http://127.0.0.1:8008/masterw2p/default/protected*
A: 2017-06-27 13:13:33.715017$1
On Friday, June 23, 2017 at 10:49:17 PM UTC+2, Oasis Agano wrote:
>
> Hello,
>
> How can someone implement a token based authentication in web2py;
> Both token generation and authorization?
>
>
> kr,
> Oasis
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
