Just some clarification. In the solution I'm trying to implement, I need to make sure that only the person who entered the reviewer code can view the data; much like user login but anonymous. Because it is anonymous and there is no entry in db.auth_user, I think the decorator @auth.requires_login() is now insufficient. However, I believe authentication mechanism would be highly similar if not identical.
On Wednesday, May 30, 2012 5:55:06 PM UTC+2, Liam wrote: > > Hi LightDot, > > Thanks for the quick reply. > > The user is able to perform analyses on data that they've uploaded to the > site. When they wish to publish an article in a journal based on the > analyses, they need to allow reviewers to see the data generated by the > analyses along with the initial data the analyses were based upon. The > reviewers should be able to view the user's data without having to register > at the site. If the article is accepted by the journal, then the user data > used and created by their published analyses will become publicly available. > > The solution I've come up with is to have the user generate a "reviewer > code", which is not necessarily encrypted, and provides the journal editor > the code along with the manuscript they submit. The reviewers then get this > code with the manuscript. In a special section on the site, the reviewers > can enter the code and will then be able to browse the necessary data. If > the publication is accepted, then the user is able to publish all the data, > which is now accessible to the public. I guess at this point it doesn't > matter if the reviewer code can still be used. > > Cheers, > Liam > > On Wednesday, May 30, 2012 3:01:14 PM UTC+2, LightDot wrote: >> >> So, this would be a one time password that expires? And this data that >> the user views is generated on the fly and also discarded later? >> >> On Wednesday, May 30, 2012 9:09:31 AM UTC+2, Liam wrote: >>> >>> Dear all, >>> >>> I'm looking for a way to allow non-users of my application to login >>> given a password (generated by a user) so they can view some of the user's >>> data. Does anyone know if web2py readily supports this? Or perhaps someone >>> has an idea on how to implement it. >>> >>> Regards, >>> Liam >>> >>>
