On 15 Jul 2012, at 11:12 AM, Jonathan Lundell wrote: > On 15 Jul 2012, at 11:10 AM, Ehigie Aito wrote: >> Just the telephone number and nothing else. > > And how persistent is the login? At what point do I as a user have to go > through the SMS handshake again?
What I'm trying to get at here is whether you need to have an auth database at all, or just use the session. > >> >> On Sun, Jul 15, 2012 at 4:48 PM, Jonathan Lundell <[email protected]> wrote: >> On 15 Jul 2012, at 6:48 AM, Pystar wrote: >>> I am confused on how to implement this strange authentication mechanism and >>> incorporate it into web2py and make it work natively. >>> Take this as an example of how it would work: >>> There is no registration on the site, whenever a user wants to login to >>> perform any action, he clicks in the login button, which takes him to a >>> form where he enters his phone number and a random alphanumeric code is >>> generated and sent to his phone which he now enters and gets authenticated >>> and he can now perform whatever action he wants. >>> How do I get this to play with login_bare() and @auth.requires_login()? >>> >> >> A couple of questions. >> >> Does the user enter anything other than the phone number (and later the >> code) as part of the login/auth process? >> >> How persistent is the login? >
