You might want to consider using this:
https://groups.google.com/d/msg/web2py/NrvxeWQJvH0/wbafxppaf1QJ (note,
'request_precinct' has been changed to the more general 'request_tenant', as
noted later in that thread). Otherwise, I suppose you could use the Auth
groups functionality (
http://web2py.com/book/default/chapter/08#Authorization) -- create a group
for each subdomain and assign/check permissions based on the current
request's subdomain. Note, the full multi-tenancy solution (first
link) might be better because it allows you to easily segment every single
database table by subdomain so any queries return only results related to
the particular subdomain.
Also, rather than creating your own requires_account decorator, you could
probably just use auth.requires (see
http://web2py.com/book/default/chapter/08#Combining-Requirements).
Anthony
On Monday, August 15, 2011 4:31:33 PM UTC-4, fishwebby wrote:
> (web2py newbie here) - I've got user authentication working ok, but
> I'd like to be able to scope the auth_users inside an account. My plan
> is to have accounts identified by subdomains, e.g.
> account_one.example.com, and then inside that the users can login (a
> la Basecamp).
>
> I've got the following working to get the account model based on the
> subdomain, redirecting to an "account not found" page:
>
> def requires_account(f):
> subdomain = request.env.http_host.split('.')[:-2].pop()
> account = db(db.account.subdomain==subdomain).select().first()
>
> if not account:
> redirect(URL('default', 'account_not_found'))
>
> return f
>
>
> @requires_account
> @auth.requires_login
> def index():
> ...
>
>
> However, I'm a bit stumped as to how to restrict the login to only
> those users in that account. I've added an account_id field to the
> auth_users table, but I'm not sure how to proceed - I think ideally
> I'd like to extend / override the requires_login method so it uses the
> account but I can't work out how to do it - any help (or suggestions
> of a better way to do it!) are greatly appreciated!
>
> Many thanks
> Dave
