Hi there!
I have a web2py app that implements a JSON-RPC public webservice, over HTTPS.
It's public as it doesn't require user and password to authenticate.
However, the webservice is only consumed by a set of other applications that I manage.
So I would like those apps to use a key in order to connect to the webservice.
I'm trying to do such thing with a custom decorator, but I can't make it work.
This is what I have:
from gluon.tools import Service
service = Service()
def validate_key():
return True
@auth.requires(lambda: validate_key())
def call():
session.forget()
return service()
@service.jsonrpc
def test():
return 'test ok'
But when I try to connect to the webservice, I receive this error:
ProtocolError: <ProtocolError for dev.medios/ws/call/jsonrpc: 303 SEE OTHER>
I'm not sure if what I'm tying to do is possible in that way.
I know that I can apply the @auth.requires_login() decorator to the call() method, but that would force me to create users for every app using the webservice, and that's not wat I want. I would like to simply generate a key for every app that needs to use the webservice, and then ask the applications to use that key (either in the call to connect to the webservice, or in every call to any method of the webservice).
What would be the correct approach?
Thanks in advance.
Regards,
Lisandro.