That's great to hear. Any chance that a token-based API authentication module would be included in the trunk, if someone were to create one? Or would that be better as a plugin? I'd be happy to do the grunt work of adapting one of the modules available for the other frameworks (I've found one for Django and TG) if a more experienced programmer would advise me on how to approach the problem.
By the way, I'm totally impressed with web2py's new RESTful API. I've been learning and thinking a lot about RESTful approach to APIs, and it's going to totally change how I approach web apps from now on. I'll use web2py to build RESTful APIs, then use Ajax for my web frontends, and then I'll have a nice restful API available for other programmers or if I decide to commission a native Android or iPhone client for a given app. On Sep 15, 4:33 pm, Massimo Di Pierro <[email protected]> wrote: > Michele has created a x509 authentication module. Part his code is in > web2py trunk, part is pending waiting for Tim to include it in Rocket. > It will be available soon. > > On Sep 15, 3:01 pm, Ross Peoples <[email protected]> wrote: > > > > > > > > > I am very interested in token-based authentication and authorization using > > web services because I'm about to have to start getting in to that. I do > > have a question though, because I was wondering this: can you make a > > login(username, password) function that does the authentication, then saves > > something like logged_in=True to the session? > > > I only ask because I don't know if web service clients (like XML-RPC and > > JSON-RPC) observe sessions. It would be interesting to see, because then you > > wouldn't need to worry about tokens and it would work more like the > > traditional web-based login from a browser.
