Hi Massimo, thanks for your reply.
I had another look and don't think one has to necessarily reimplement all Auth functions. I think that the setup above works in principle, but that there are some inconsistencies within Auth one has to work around at the moment. Let me summarize briefly. The Module w2popenid.py has three classes. 1. class Consumer Used in a controller (for ex: openid.py) as def oid_consumer(): return dict(form=Consumer(globals(), db)) It understands the args 'login' to provide and process a login form and 'oidresponse' to check the response from the oid provider upon redirect to the return_to_url by the same. 2. class OpenIDLogin Extends gluon.contrib.login_methods.CasAuth and is used in a model auth.settings.login_form = OpenIDLogin(globals(), URL(...)) where URL's c and f parameters are those of the oid_consumer in 1 above. i.e. URL(r=request, c='openid', f='oid_consumer') As per the interface it implements the methods: login_url(self, next) - returns the URL passed to __init__ and sets up oid session logout_url(self, next) - destroys oid session and redirects to next get_user() - if logged in returns a dic(username='..', email='...) - it does not yet but the SREG extension for OID allows one to fetch these. I don't need to store these myself as auth.get_or_create_user handles this behind the scenes. In fact I do not even need to store the oid itself, as long as I can get hold of the email address. 3. class Web2pyStore Handles storage of associations and nonces for the Janrain library. Does not store any user info. It works. If you log on using your open ID, entries for that user are created in auth_users. @auth.requires_login() does not work as this method does not look at auth.settings.login_form but only at auth.settings.login_url Consequently the user is redirected to the wrong form. Regards, HC On Aug 2, 12:54 am, mdipierro <[email protected]> wrote: > Sorry it took me so long. I looked into this and it cannot be done > this way easily as I though. The reason is that OID uses the two > tables you created (and you are correct) and does not use auth_user at > all. Hence it cannot take advantage of the functionality of Auth > (access control, etc etc.). Open id can only determine if a user is > logged in or not. > > The best one can do is create a new OpenIDAuth class that replaces > Auth and exposes similar 'login', 'logout', 'require login' > functionality. > > I think you did this already in the OpenID app. > > Massimo > > On Jul 29, 5:12 pm, hcvst <[email protected]> wrote: > > > Hi, > > > I am just trying to implement CasAuth to plug openID (oID) into auth > > (). > > I've got a simple oID server/consumer app using the Janrain > > Python oID lib. > > > The login_methods.gae example included in the login_methods folder > > seems to fit (too) well, as all external calls are wrapped nicely in > > the > > gae lib, but I am struggling to see how to do the same with my oID. > > > Here's what I've tried now. It works.. just. > > > 1 - Pack all oID functionality into a module and place it in > > myapp/modules > > .../modules/w2popenid.py (http://pastebin.co.za/23469) > > > 2 - the module provides an oID service a bit like Auth such > > that it can be served via a single controller function. > > > consumer_service = w2popenid.Consumer(env, db) > > def oid_consumer(): return (form=consumer_service()) > > > 3 - in db.py, I set auth.settings.login_form (or so) to > > > from app.modules.w2popenid import OpenIDAuth > > auth.settings.login_form = OpenIDAuth(service_url, globals()) > > > where > > OpenIDAuth implements/extends the class CasAuth > > and service_url : URL(...f='oid_consumer') > > is the url of the controller function bound to consumer_ service > > in 2. above so that CasAuth.login_url can provide the service URL, > > when asked by auth. > > > Then it's a back and forth between controller, openID provider > > and OpenIDAuth, with all required data stored somewhere in session. > > > Is that how one should plug sth like oid into auth()? > > > If that is the correct approch, there are some other issues: > > For example if oid_consumer() is defined outside the default > > controller, > > auth() seems to get mixed up and redirects to the default controller. > > Also, I don't seem to be able to flash my status codes back via > > session.flash > > Finally I am not sure whether I have to extend the users table to > > cater for > > additional openID fields and how best to do this. > > But these are issues to solve once I know I didn't misunderstand > > login_methods.. > > > If this doesn't make much sense. Please get me to the point tomorrow. > > Time to say... > > > Good night, > > HC --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
