Please open a ticket about this.
On Jul 22, 2:25 am, Heng Zeng Aun <[email protected]> wrote: > Good day Massimo, > > the following are the snippets: > > ---- AppAuth/models/db.py ---- > db = DAL('sqlite://storage.sqlite') > session.connect(request, response, db) > auth = Auth(globals(), db) > crud = Crud(globals(), db) > auth.settings.hmac_key = 'sha512:<secret key here>' > auth.define_tables(username=True) > crud.settings.auth = auth > > ---- AppA/models/db.py ---- > db = DAL('sqlite://../../appauth/storage.sqlite') # <-- yes, point to the db > file in AppAuth > session.connect(request, response, db, masterapp='appauth') > auth = Auth(globals(), db) > auth.define_tables(migrate=False, username=True) > auth.settings.login_url = '/appauth/default/user/login' > > ---- AppA/controllers/default.py ---- > @auth.requires_login() > def index(): > response.view='index.html' > return dict() > > @auth.requires_permission('sayhello') > def hello(): > response.view='saysomething.html' > return dict(message=T("hello")) > > The behavior of this in 1.96.1 (and 1.97.1) is that I will be able to login > and view the page provided in AppAuth, but when browse to AppA or AppB, it > will not be able to access it because auth says its not loggin. However all > this works in 1.95.1 > > If i go into web2py.gluon.tools.Auth and hack "current" to "current = > Storage(globals())" like it used to be in 1.95.1, and things works again. > > I'm sure forcing "current" from threading.local() to something else > definitely is not the correct way of doing this (as i dont know what is the > intention of the "current" is using for as well : ). > > Awaits your input, Many Thanks Massimo. > > best, > Zeng > > On Thu, Jul 21, 2011 at 8:44 PM, Massimo Di Pierro < > > > > > > > > [email protected]> wrote: > > This change should not break it. Can you please show us the code that > > breaks and we will check what is going on? It is possible that one of > > the auth modules has not been patched correctly. > > > Massimo > > > On Jul 21, 11:02 am, zeng <[email protected]> wrote: > > > Hey guys, > > > > I'm currently running version 1.95.1 and have 3 application, > > > "AppAuth", "AppA", "AppB", AppA and AppB is using "AppAuth" to > > > authenticate logged in user and it has been working great. > > > > After upgrading 1.96.1 and cross app authentication no longer works, > > > some debuging lead to: > > > ----- web2py.gluon.tools.Auth ---- > > > self.environment = current > > > request = current.request > > > session = current.session > > > ----- web2py.gluon.tools.Auth ---- > > > > and "current" is a threading.local() in gluon.globals.py !!! > > > > In the good'o 1.95.1 the session and auth object is retrieved from > > > global() , > > > > Question is, why is this changed? this seems to break the backward > > > compatibility "feature" of web2py, and what are the recommended > > > solutions now that global() is no longer used? > > > > Thanks!
