Web2py Restfull API Token authentication
524 views
Skip to first unread message
Stefan van den Eertwegh
Aug 25, 2015, 9:37:15 AM8/25/15
to web2py-users
Hi everyone,
If i search on authentication for restfull API web2py i get basic auth as a result in google and google groups.
Does anyone know how to use a token authentication for the Restfull service like db.auth_user.token ...?
Thanks!
Massimo Di Pierro
Aug 26, 2015, 11:59:51 AM8/26/15
to web2py-users
That logic was added and then removed from auth, under the assumption that we would add support for JWT.
This is open for discussion.
Stefan van den Eertwegh
Aug 26, 2015, 12:18:31 PM8/26/15
to web2py-users
Oke. If it works it's oke.
But lets say massimo, i want to communicate with the restful service from web2py from angularJS, i see 2 possible bottlenecks.
I cant use the $resource function because the web2py api is api/product/id/3 and not api/product/3 and there is no way to authenticate with web2py from angularJS using something other than plain text basic_auth.
Am i right?
Greetings,
Stefan
Op woensdag 26 augustus 2015 17:59:51 UTC+2 schreef Massimo Di Pierro:
Op woensdag 26 augustus 2015 17:59:51 UTC+2 schreef Massimo Di Pierro:
Matheus Cardoso
Aug 26, 2015, 5:16:59 PM8/26/15
to web2py-users
Stefan,
If I'm not wrong you can do the following with Angular:
Am I right?
If I'm not wrong you can do the following with Angular:
.factory('API', ['$resource', function($resource){
return $resource("api/product/id/:id", {id: '@id'});
}]);Am I right?
Stefan van den Eertwegh
Aug 27, 2015, 5:10:31 AM8/27/15
to web2py-users
If i am correct, that is for a single call. I want to use the $resource call for several calls like update, delete, get, query et cetera. And if you do not use :id it strips :id but not /id/..
Op woensdag 26 augustus 2015 23:16:59 UTC+2 schreef Matheus Cardoso:
Op woensdag 26 augustus 2015 23:16:59 UTC+2 schreef Matheus Cardoso:
Matheus Cardoso
Aug 27, 2015, 5:13:46 PM8/27/15
to web2py-users
Actually with this declaration, you can do "update, delete, get, query et cetera", because Angular knows what to do in each case. However, you r right about not stripping "/id", hence it would not works with web2py API. But I'll make a long shot guess: considering that you can override controllers url in routes.py, I think that you could do the same with API urls removing "/id".
On Tuesday, August 25, 2015 at 10:37:15 AM UTC-3, Stefan van den Eertwegh wrote:
Stefan van den Eertwegh
Aug 28, 2015, 4:47:45 PM8/28/15
to web2py-users
Do you have an example maybe for the routes.py? And also the basic auth problem is still there.
Op donderdag 27 augustus 2015 23:13:46 UTC+2 schreef Matheus Cardoso:
Op donderdag 27 augustus 2015 23:13:46 UTC+2 schreef Matheus Cardoso:
Niphlod
Sep 2, 2015, 4:15:48 AM9/2/15
to web2py-users
I'm back from holidays, JWT support is on the way to master repo. Stay tuned, also because I have some experience with js frameworks but not with Angular. We may tune the code for JWT to make Angular integration easy. If a slice comes out detailing the integration process wouldn't hurt :-P
Dave S
Sep 4, 2015, 10:37:50 PM9/4/15
to web2py-users
On Wednesday, September 2, 2015 at 1:15:48 AM UTC-7, Niphlod wrote:
I'm back from holidays, JWT support is on the way to master repo. Stay tuned, also because I have some experience with js frameworks but not with Angular. We may tune the code for JWT to make Angular integration easy. If a slice comes out detailing the integration process wouldn't hurt :-P
Ah, another expansion of the reading list. I'm skimming RFC 7515 right now.
/dps
Niphlod
Sep 6, 2015, 2:45:10 PM9/6/15
to web2py-users
code has been handed over and we're discussing on api details on the developers list. Shouldn't take much.
Reply all
Reply to author
Forward
0 new messages