Hmm, I gave that a spin and don't believe I can get that to work. All of the login_methods imply either using the local login form or a 3rd party URL to login. This will not work here - what I need is a way of authenticating based on a URL, sent through an email: http://127.0.0.1/default/login_by_token/[random string of numbers]
If I write a login_method: import urllib import urllib2 import base64 def token_auth(server="http://127.0.0.1";): """ to use basic login with a different server from gluon.contrib.login_methods.token_auth import token_auth auth.settings.login_methods.append(token_auth()) """ def basic_token_auth(username, password): return False return basic_token_auth I don't have access to the URL/request at all, and thus can't validate it. Furthermore, this authentication still expects a username/password combo, which I wouldn't be providing. On Sep 23, 8:45 am, mdipierro <[email protected]> wrote: > You should not need to rewrite tools.py code. Looks at the examples in > gluon/contrib/login_methods > You can extend it. > > On Sep 23, 12:20 am, Chris <[email protected]> wrote: > > > > > I did some more digging and found that the current code in gluon.tools > > stores login info in session.auth: > > > session.auth = Storage( > > user = user, > > last_visit = request.now, > > expiration = self.settings.long_expiration, > > remember = True, > > ) > > >http://www.web2py.com/examples/static/epydoc/web2py.gluon.tools-pysrc... > > > It'd probably be best to not rewrite this code elsewhere, so my > > current feeling is that the method with the most reuse is to: > > > 1) Pull out the session.auth code from gluon.tools.Auth.login_bare > > into its own method (based on the db user object) > > 2) Call this new method, login_as(self, user), from my code. > > > I'm not fully comfortable messing around with everyone's internals, > > but I can send you a diff and you can be the arbiter. > > > Thanks, > > Chris > > > On Sep 23, 12:40 am, mdipierro <[email protected]> wrote: > > > > the survey app predates auth. It would be really nice to have a gluon/ > > > contrib/login_method based on it. > > > > On Sep 22, 11:05 pm, Chris <[email protected]> wrote: > > > > > Interesting, thanks Massimo! > > > > > I took a look at the survey link. It send a link that lets me access > > > > part of the site, but 1) I'm not sure if it's actually logging in the > > > > user (i.e. changing auth.user) and 2) I don't have access to the code > > > > for it, so I don't know how to imitate its technique. > > > > > I looked at the CAS stuff but I'm not sure I'm making the right use of > > > > it. I think session.token is the key, but this line: > > > > > id,email,name=session.token ### specific for web2py CAS service > > > > > led me to think that login would be different for my non-CAS system. I > > > > hooked up a debugger so I could see what happens to session.token for > > > > a logged in user and got None. So apparently my regular login isn't > > > > even using session.token, so I can't log a user in by creating a > > > > controller action that sets session.token. > > > > > I'm gonna keep hammering away at this, let me know if you have more > > > > ideas! > > > > > Thanks! > > > > Chris > > > > > On Sep 22, 10:01 pm, mdipierro <[email protected]> wrote: > > > > > >http://web2py.com/surveyhttp://web2py.com/cas > > > > > > On Sep 22, 2:45 pm, Chris <[email protected]> wrote: > > > > > > > Hi all, > > > > > > > I'd like to create a system where I can email an individual user a > > > > > > link that, when they click on it, automatically logs them in and > > > > > > takes > > > > > > them to the requested page. I didn't see a method of logging in a > > > > > > user > > > > > > in this manner; can anyone offer any suggestions? > > > > > > > Thanks, > > > > > > Chris
