> > Actually, looking at the code, auth.user.id should work as well, unless > you have auth.settings.registration_requires_verification = True, in which > case, session.auth.user.id won't work either (but form.vars.id will work > in either case). >
I was going to update this post to reflect this, after some testing myself. I am indeed using email verification for registration, and I've noticed another potential gotcha: the verification email is sent before the register_onaccept callback, so if anything goes wrong during the callback (which I would still consider part of the registration process), the verification email will be sent regardless. I wonder if this would cause problem in some applications...
