Hi rdodev, I'm doing the exact same thing (well similar concept... using PhoneGap and remote auth, but using JSONRPC and OAuth2 instead of REST and regular auth)
Keep an eye on this issue: http://code.google.com/p/web2py/issues/detail?id=872 When the dev's get the time they'll be adding in digest auth support. All the best, Alec Taylor On Tue, Jul 17, 2012 at 1:18 AM, rdodev <[email protected]> wrote: > I'm developing a web2py app that will be used as the back-end for a mobile > app. The mobile app will be making API calls to the service for anything > ranging from login/authentication to CRUD operations. The auth model that > comes baked into web2py would suffice, except that it's not RESTful and it's > mostly geared to work with a web browser (sessions, cookies, etc.). Is there > a way to set the auth module to behave RESTfully? > > Another issue is that some of the mobile clients might be running on a > webView (phoneGap) and thus issuing requests to out back end would result in > a same-origin policy denial. Is there a way to setup CORS in web2py (or > should we set that up through apache/wsgi instead?) > > Thanks.
