only when the session expires according to web2py rules or the user explicitly logs off
On Sun, Jul 15, 2012 at 7:12 PM, Jonathan Lundell <[email protected]>wrote: > On 15 Jul 2012, at 11:10 AM, Ehigie Aito wrote: > > Just the telephone number and nothing else. > > > And how persistent is the login? At what point do I as a user have to go > through the SMS handshake again? > > > On Sun, Jul 15, 2012 at 4:48 PM, Jonathan Lundell <[email protected]> > wrote: > >> On 15 Jul 2012, at 6:48 AM, Pystar wrote: >> >> I am confused on how to implement this strange authentication mechanism >> and incorporate it into web2py and make it work natively. >> Take this as an example of how it would work: >> There is no registration on the site, whenever a user wants to login to >> perform any action, he clicks in the login button, which takes him to a >> form where he enters his phone number and a random alphanumeric code is >> generated and sent to his phone which he now enters and gets authenticated >> and he can now perform whatever action he wants. >> How do I get this to play with login_bare() and @auth.requires_login()? >> >> >> A couple of questions. >> >> Does the user enter anything other than the phone number (and later the >> code) as part of the login/auth process? >> >> How persistent is the login? >> >> > >
