Interesting. When you say it did not work. What html did it generate?
On Sunday, 6 May 2012 03:25:41 UTC-5, Rhys wrote:
>
> Hey Massimo,
>
> You've steered me in the right direction.
>
> Basically I've had to put in a pure opening html form element in, and then
> use the custom form widgets afterwards. Works now. Resulting in:
>
> <form action="user/login" method="post">
> {{=form.custom.widget.email}}
> {{=form.custom.widget.password}}
> {{=form.custom.end}}
>
> The
>
> form['_action'] = URL('user/login')
>
> or
>
> form.attributes['_action'] = URL('user/login')
>
>
> for some reason didn't want to work.
>
> Cheers,
>
> Rhys
>
> On Sunday, May 6, 2012 3:50:52 PM UTC+10, Massimo Di Pierro wrote:
>>
>> This is because of the mechanism to prevent CSRF attacks.
>> There are supposed to be two hidden fields, one is the formname. The
>> other is the formkey (a unique onetime token).
>>
>> Try:
>>
>> {{
>> form=auth.login()
>> form['_action']=URL('user/login')
>> }}
>> {{=form.custom.begin}}
>> {{=form.custom.widget.email}}
>> {{=form.custom.widget.password}}
>> <input type="submit" value="login">
>> <input type="hidden" name="_next" value="/feed">
>> {{=form.custom.end}}
>>
>>
>> On Saturday, 5 May 2012 23:37:57 UTC-5, Rhys wrote:
>>>
>>> Hey Alan,
>>>
>>> I don't want to redirect. I'll try and to explain it a bit more.
>>>
>>> Basically I have two forms. One which is a drop down, in pure html
>>>
>>> <form action="/user/login" method="post">
>>> <input type="hidden" name="_formname" value="login">
>>> <input type="hidden" name="_next" value="/feed">
>>> <input type="text" name="email" id="auth_user_email">
>>> <input type="password" name="password" id="aut_user_password">
>>> <input type="submit" value="login">
>>> </form>
>>>
>>>
>>>
>>> ^ this Form is on every page which the user is not logged into. When
>>> they fill out this form and click submit I want the /user/login page to
>>> process it, but it is not doing so. When the page finds there is an error
>>> with the login or the user is not authorised, I would like the /user/login
>>> form which is exactly the same form as above but on another page with the
>>> drop down one removed, to present there was an error with the login.
>>>
>>> Both forms I've done in html so there is no form key to process. I'm
>>> trying to figure out why auth.login() doesn't process it as the
>>> form.accepts() method in auth.login() has the same formname. What is
>>> preventing it from being processed. It's driving me in sane. I'm stepping
>>> through the code in debug mode and can't find why it would not process it.
>>> It is basically a SQL form in html like described in the web2py book.
>>>
>>> Any insight would be great by any!
>>>
>>> On Sunday, May 6, 2012 12:19:49 AM UTC+10, Alan Etkin wrote:
>>>>
>>>> *auth.is_logged_in()* will return a bool object. True for
>>>> authenticated user and I belive *auth.user_id* attribute is None for
>>>> the non authenticated user. *auth *being the Auth class instance
>>>> created by the welcome scaffolding application.
>>>>
>>>> You could use the returned values to catch unsuccessful authentication
>>>> and redirect to the correct action
>>>>
>>>> There is an Auth setting for failed authentication (for example, it's
>>>> possible to call a function on failed login)
>>>> ("Settings and Messages", web2py book 4th edition, 9.3.7)
>>>>
>>>> auth.settings.on_failed_authentication = lambda url: redirect(url)
>>>>
>>>> On Saturday, May 5, 2012 9:51:23 AM UTC-3, Rhys wrote:
>>>>>
>>>>> I'm creating a custom drop down login form for all pages where the
>>>>> user isn't logged in. Once they try and login through this form if it
>>>>> is unsuccessful it redirects to the /user/login page with the auth.login
>>>>> form. How do I get a error if the login has resulted in an invalid login.
>>>>> As there are two forms I've tried also tried to do a form out of html so
>>>>> there is no form key. Still no luck. Is it s simple variable I can use to
>>>>> determine if it is successful?
>>>>
>>>>
