My 1 cent.
How to use AuthJWT with requests python library (client):
import requests
credentials = {'username': '[email protected]', 'password':
'mypasswordhere'}
r =
requests.post('http://127.0.0.1:8000/myapp/default/login_and_take_token',
data=credentials)
if r.status_code == 200:
#Get Token and contruct the header
token = r.json()['token']
headers = {'Authorization': 'Bearer ' + token}
protected_data =
requests.get("http://127.0.0.1:8000/myapp/default/protected";,
headers=headers)
print(protected_data.text)
else:
print('ERROR when logging')
El sábado, 19 de agosto de 2017, 15:31:10 (UTC-7), Oasis Agano escribió:
>
> CONTROLLER
>
>
> from gluon.tools import AuthJWT
> import requests
>
> def index():
>
> response.flash = T("Hello World")
> return dict(message=T('Welcome !'))
>
>
> def user():
>
> return dict(form=auth())
>
>
> @cache.action()
> def download():
> """
> allows downloading of uploaded files
> http://..../[app]/default/download/[filename]
> """
> return response.download(request, db)
>
> def call():
> """
> exposes services. for example:
> http://..../[app]/default/call/jsonrpc
> decorate with @services.jsonrpc the functions to expose
> supports xml, json, xmlrpc, jsonrpc, amfrpc, rss, csv
> """
> return service()
>
> auth.settings.allow_basic_login = True
>
>
> @auth.requires_login()
> @request.restful()
> def api():
> response.view = 'generic.'+request.extension
> def GET(*args,**vars):
> patterns = 'auto'
> parser = db.parse_as_rest(patterns,args,vars)
> if parser.status == 200:
> return dict(content=parser.response)
> else:
> raise HTTP(parser.status,parser.error)
> def POST(table_name,**vars):
> return db[table_name].validate_and_insert(**vars)
> def PUT(table_name,record_id,**vars):
> return db(db[table_name]._id==record_id).update(**vars)
> def DELETE(table_name,record_id):
> return db(db[table_name]._id==record_id).delete()
> return dict(GET=GET, POST=POST, PUT=PUT, DELETE=DELETE)
>
> from gluon.tools import AuthJWT
> import requests
>
>
> myjwt = AuthJWT(auth, secret_key='secretsddfsdfsd')
>
> #this one receives the credentials and gives you a token refer to
> gluon/tools.py 1132 line
> def login_and_take_token():
> return myjwt.jwt_token_manager()
>
> @myjwt.allows_jwt()
> def protected():
> return '%s$%s' % (request.now, auth.user_id)
>
>
>
>
> TERMINAL COMMAND FOR TOKEN GENERATOR
>
> curl -X POST -d [email protected] <javascript:> -d password=MYPWD
> 127.0.0.1:8055/masterw2p/default/login_and_take_token
>
> AUTH WITH TOKEN ONLY
>
>
> curl -H "Authorization: Bearer
> eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ96lu8kSvANNRtvi23E56I4l_DRq7XA"
> http://127.0.0.1:8055/ntwaza/default/protected
>
>
> MODEL CONFIG
>
> from gluon.tools import Auth, Service, PluginManager,AuthJWT,AuthAPI
>
> # host names must be a list of allowed host names (glob syntax allowed)
> auth = Auth(db, host_names=myconf.get('host.names'))
> service = Service()
> plugins = PluginManager()
> auth.settings.allow_basic_login = True
> myjwt = AuthJWT(auth, secret_key='secretsddfsdfsd')
>
>
>
>
>
>
>
> On Friday, June 23, 2017 at 10:49:17 PM UTC+2, Oasis Agano wrote:
>>
>> Hello,
>>
>> How can someone implement a token based authentication in web2py;
>> Both token generation and authorization?
>>
>>
>> kr,
>> Oasis
>>
>
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
