My bad
>>> form = auth.login()
>>> form['_action']=URL('somewhere')
>>> print form
<form action="/welcome/default/somewhere".... <<< correct
>>> print form.custom.begin
<form action="" .... <<< incorrect
the form.custom.begin is filled by the form constructor in auth.login() and
therefore it is not aware of the change form['_action']=URL('somewhere')
The easiest solution would be to build the <form...> open tag manually.
Perhaps web2py can be improved in this respect.
On Monday, 7 May 2012 06:32:44 UTC-5, Rhys wrote:
>
> Hey Massimo,
>
> The
>
> {{form=auth()}}
> {{form['_acton'] = "/user/login"}}
> {{=form.custom.begin}}
>
>
> spat out the html without the updated action
>
> <html action="" method="post" enctype="multipart/form-data">
>
>
> Cheers,
>
> Rhys
>
>
> On Monday, May 7, 2012 12:52:20 AM UTC+10, Massimo Di Pierro wrote:
>>
>> Interesting. When you say it did not work. What html did it generate?
>>
>> On Sunday, 6 May 2012 03:25:41 UTC-5, Rhys wrote:
>>>
>>> Hey Massimo,
>>>
>>> You've steered me in the right direction.
>>>
>>> Basically I've had to put in a pure opening html form element in, and
>>> then use the custom form widgets afterwards. Works now. Resulting in:
>>>
>>> <form action="user/login" method="post">
>>> {{=form.custom.widget.email}}
>>> {{=form.custom.widget.password}}
>>> {{=form.custom.end}}
>>>
>>> The
>>>
>>> form['_action'] = URL('user/login')
>>>
>>> or
>>>
>>> form.attributes['_action'] = URL('user/login')
>>>
>>>
>>> for some reason didn't want to work.
>>>
>>> Cheers,
>>>
>>> Rhys
>>>
>>> On Sunday, May 6, 2012 3:50:52 PM UTC+10, Massimo Di Pierro wrote:
>>>>
>>>> This is because of the mechanism to prevent CSRF attacks.
>>>> There are supposed to be two hidden fields, one is the formname. The
>>>> other is the formkey (a unique onetime token).
>>>>
>>>> Try:
>>>>
>>>> {{
>>>> form=auth.login()
>>>> form['_action']=URL('user/login')
>>>> }}
>>>> {{=form.custom.begin}}
>>>> {{=form.custom.widget.email}}
>>>> {{=form.custom.widget.password}}
>>>> <input type="submit" value="login">
>>>> <input type="hidden" name="_next" value="/feed">
>>>> {{=form.custom.end}}
>>>>
>>>>
>>>> On Saturday, 5 May 2012 23:37:57 UTC-5, Rhys wrote:
>>>>>
>>>>> Hey Alan,
>>>>>
>>>>> I don't want to redirect. I'll try and to explain it a bit more.
>>>>>
>>>>> Basically I have two forms. One which is a drop down, in pure html
>>>>>
>>>>> <form action="/user/login" method="post">
>>>>> <input type="hidden" name="_formname" value="login">
>>>>> <input type="hidden" name="_next" value="/feed">
>>>>> <input type="text" name="email" id="auth_user_email">
>>>>> <input type="password" name="password" id="aut_user_password">
>>>>> <input type="submit" value="login">
>>>>> </form>
>>>>>
>>>>>
>>>>>
>>>>> ^ this Form is on every page which the user is not logged into. When
>>>>> they fill out this form and click submit I want the /user/login page to
>>>>> process it, but it is not doing so. When the page finds there is an error
>>>>> with the login or the user is not authorised, I would like the
>>>>> /user/login
>>>>> form which is exactly the same form as above but on another page with the
>>>>> drop down one removed, to present there was an error with the login.
>>>>>
>>>>> Both forms I've done in html so there is no form key to process. I'm
>>>>> trying to figure out why auth.login() doesn't process it as the
>>>>> form.accepts() method in auth.login() has the same formname. What is
>>>>> preventing it from being processed. It's driving me in sane. I'm stepping
>>>>> through the code in debug mode and can't find why it would not process
>>>>> it.
>>>>> It is basically a SQL form in html like described in the web2py book.
>>>>>
>>>>> Any insight would be great by any!
>>>>>
>>>>> On Sunday, May 6, 2012 12:19:49 AM UTC+10, Alan Etkin wrote:
>>>>>>
>>>>>> *auth.is_logged_in()* will return a bool object. True for
>>>>>> authenticated user and I belive *auth.user_id* attribute is None for
>>>>>> the non authenticated user. *auth *being the Auth class instance
>>>>>> created by the welcome scaffolding application.
>>>>>>
>>>>>> You could use the returned values to catch unsuccessful
>>>>>> authentication and redirect to the correct action
>>>>>>
>>>>>> There is an Auth setting for failed authentication (for example, it's
>>>>>> possible to call a function on failed login)
>>>>>> ("Settings and Messages", web2py book 4th edition, 9.3.7)
>>>>>>
>>>>>> auth.settings.on_failed_authentication = lambda url: redirect(url)
>>>>>>
>>>>>> On Saturday, May 5, 2012 9:51:23 AM UTC-3, Rhys wrote:
>>>>>>>
>>>>>>> I'm creating a custom drop down login form for all pages where the
>>>>>>> user isn't logged in. Once they try and login through this form if it
>>>>>>> is unsuccessful it redirects to the /user/login page with the
>>>>>>> auth.login
>>>>>>> form. How do I get a error if the login has resulted in an invalid
>>>>>>> login.
>>>>>>> As there are two forms I've tried also tried to do a form out of html
>>>>>>> so
>>>>>>> there is no form key. Still no luck. Is it s simple variable I can use
>>>>>>> to
>>>>>>> determine if it is successful?
>>>>>>
>>>>>>
