Hi Massimo,
Further tracing lead to some additional information:
---- AppA/models/db.py ----
from gluon.shell import exec_environment
common_db = exec_environment('applications/appauth/models/db.py',
request=request, response=response)
db = common_db.db # <-- yes, point to the db file in AppAuth
session.connect(request, response, db, masterapp='appauth')
auth = Auth(globals(), db)
auth.define_tables(migrate=False, username=True)
auth.settings.login_url = '/appauth/default/user/login'
---------------------------
What's interesting is the exec_enviroment(), which i use to load the
db value from AppAuth in AppA, if exec_environment() is called it will
"reset" the session to empty, if I do not use exec_enviroment() cross
app login will work in both 1.95.1 and 1.96.1, if I do, it will only
work in 1.95.1
Ok, and the next question I may sound like a retard, where to submit
the ticket?
best,
Zeng
On Aug 1, 11:28 am, Massimo Di Pierro <[email protected]>
wrote:
> Please open a ticket about this.
>
> On Jul 22, 2:25 am, Heng Zeng Aun <[email protected]> wrote:
>
>
>
>
>
>
>
> > Good day Massimo,
>
> > the following are the snippets:
>
> > ---- AppAuth/models/db.py ----
> > db = DAL('sqlite://storage.sqlite')
> > session.connect(request, response, db)
> > auth = Auth(globals(), db)
> > crud = Crud(globals(), db)
> > auth.settings.hmac_key = 'sha512:<secret key here>'
> > auth.define_tables(username=True)
> > crud.settings.auth = auth
>
> > ---- AppA/models/db.py ----
> > db = DAL('sqlite://../../appauth/storage.sqlite') # <-- yes, point to the db
> > file in AppAuth
> > session.connect(request, response, db, masterapp='appauth')
> > auth = Auth(globals(), db)
> > auth.define_tables(migrate=False, username=True)
> > auth.settings.login_url = '/appauth/default/user/login'
>
> > ---- AppA/controllers/default.py ----
> > @auth.requires_login()
> > def index():
> > response.view='index.html'
> > return dict()
>
> > @auth.requires_permission('sayhello')
> > def hello():
> > response.view='saysomething.html'
> > return dict(message=T("hello"))
>
> > The behavior of this in 1.96.1 (and 1.97.1) is that I will be able to login
> > and view the page provided in AppAuth, but when browse to AppA or AppB, it
> > will not be able to access it because auth says its not loggin. However all
> > this works in 1.95.1
>
> > If i go into web2py.gluon.tools.Auth and hack "current" to "current =
> > Storage(globals())" like it used to be in 1.95.1, and things works again.
>
> > I'm sure forcing "current" from threading.local() to something else
> > definitely is not the correct way of doing this (as i dont know what is the
> > intention of the "current" is using for as well : ).
>
> > Awaits your input, Many Thanks Massimo.
>
> > best,
> > Zeng
>
> > On Thu, Jul 21, 2011 at 8:44 PM, Massimo Di Pierro <
>
> > [email protected]> wrote:
> > > This change should not break it. Can you please show us the code that
> > > breaks and we will check what is going on? It is possible that one of
> > > the auth modules has not been patched correctly.
>
> > > Massimo
>
> > > On Jul 21, 11:02 am, zeng <[email protected]> wrote:
> > > > Hey guys,
>
> > > > I'm currently running version 1.95.1 and have 3 application,
> > > > "AppAuth", "AppA", "AppB", AppA and AppB is using "AppAuth" to
> > > > authenticate logged in user and it has been working great.
>
> > > > After upgrading 1.96.1 and cross app authentication no longer works,
> > > > some debuging lead to:
> > > > ----- web2py.gluon.tools.Auth ----
> > > > self.environment = current
> > > > request = current.request
> > > > session = current.session
> > > > ----- web2py.gluon.tools.Auth ----
>
> > > > and "current" is a threading.local() in gluon.globals.py !!!
>
> > > > In the good'o 1.95.1 the session and auth object is retrieved from
> > > > global() ,
>
> > > > Question is, why is this changed? this seems to break the backward
> > > > compatibility "feature" of web2py, and what are the recommended
> > > > solutions now that global() is no longer used?
>
> > > > Thanks!
