On Tuesday, December 13, 2011 3:45:34 PM UTC-5, Jonathan Lundell wrote: > > On Dec 13, 2011, at 12:28 PM, peter wrote: > > > So in my example above. How does web2py's admin know I am logged in? > > Does it do this by accessing a cookie on my computer, if so how does > > it do that behind the scenes? Could urllib2.urlopen really handle > > this? > > Ordinarily it knows you're logged in because: > > 1. When you first log in, remembers it in a session and returns a cookie > to your browser. > > 2. On subsequent requests, your browser includes that cookie, and web2py > uses it to find the session (and its login state). (That's why you can find > the cookie in request.cookies.) > > So you need to take the session cookie and (like the browser) send it > along with the urllib2 request. (I could be missing something, but I don't > think you need basic auth here.) > Sounds about right. So, basically, you would post the login form values to the login URL, get back the session cookie, and then send the session cookie back with the subsequent page request so the app would recognize you as authenticated.
>
