I am sure that is not the case. If you submit vars to a function that requires login and you are not login you are redirected to login (in this case vars are lost, args are not), but if you are logged in the function works normally and the vars are in request.vars.
On Sep 30, 2:28 pm, Dmitri Zagidulin <[email protected]> wrote: > It looks like functions that are decorated with auth.requires_login() > are not receiving their request.vars dictionary from the url. > > For example, say I have an auth-protected function in a controller: > > @auth.requires_login() > def index(): > """ > Login-protected index page > """ > response.flash = str(request.vars) > ... > > And then link to it from another page: > {{=A('My Index', _href=URL(r=request, f='index', vars={'testvar': > 999}))}} > > Assuming that I'm previous logged in, the flash results in an empty > dictionary -- no vars are actually passed in. > (Now, if I remove the requires_login() decorator, I can see the > 'testvar' variable just fine). > > Looking in gluon/tools.py > Auth > requires_login(), on line 1418, I > noticed that while request.args are being encoded and passed onto the > login url, request.vars are not. > > But when I added that in, so that the decorator now encoded and > passed > on the vars, restarted the server, etc, the flash was still coming up > empty -- the vars were not being passed on. > > I put in a logging statement into the decorator (right around line > 1416), to see if self.environment.request.vars are at least set > correctly in the body of the function. > And they are not -- the 'testvar' variable is not making it into the > decorator at all. > > Is this a bug or a feature? And if feature, how do I pass vars into > an > auth-protected function? > > Also, passed-in args are not being handled correctly either. > For instance, for the index() function above, if I link to it like so: > {{=A('My Index', _href=URL(r=request, f='index', args='testarg'))}} > > and display the contents of display.args (as a response.flash, etc), > and > do NOT auth-protect it, the testarg shows up. > But if I decorate it with requires_login, and click on that same link, > I > get a > 404 NOT FOUND > > So, it seems like instead of loading 'testarg' into the contents of > args, it tries to parse it as part of post-login routing. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
