Authentication and better Crud

mdipierro

Jan 23, 2009, 2:10:38 PM
to web2py Web Framework
I am reposting this because I renamed the file

I have a preliminary version of inclusion of T2 functionality into
web2py core. I am not yet promising backward compatibility here. The
module name may change. For now it is in trunk as gluon/utils.py

Here is how you use it (assuming [app] is your application name).

1) put this in your model

from gluon.tools import * ###### <- this was utils.py now it is tools.py
auth=Auth(globals(),db)
auth.define_tables()
crud=Crud(globals(),db)

2) put this in your "default" controller

def user(): return dict(form=auth())
def data(): return dict(form=crud())
def download(): return response.download(request,db)

def index():
    response.flash=T('Welcome to web2py')
    return dict(message=T('Hello World'))

Now visit:
http://..../[app]/default/user/register
http://..../[app]/default/user/login
http://..../[app]/default/user/profile
http://..../[app]/default/user/change_password
http://..../[app]/default/user/groups
http://..../[app]/default/user/logout
http://..../[app]/default/user/retrieve_password

http://..../[app]/default/data/tables
http://..../[app]/default/data/select/[app]_event
http://..../[app]/default/data/create/[app]_event
http://..../[app]/default/data/read/[app]_event/1
http://..../[app]/default/data/update/[app]_event/1
http://..../[app]/default/data/delete/[app]_event/1

now add to the model

mail=Mail()
mail.settings.server='smtp.whetever.com'
mail.settings.sender='...@whatever.com'
mail.settings.login='username:password'
auth.settings.mail=mail

so that registration requires email verification

then add

auth.settings.captcha=RECAPTCHA(request,public_key='RECAPTCHA_PUBLIC_KEY',private_key='RECAPTCHA_PRIVATE_KEY')

so that registration will use recaptcha

then add

crud.auth=auth

so that crud will enforce role based access control....

now you lost the permission to access http://.../database/....

now give yourself back permission *only* to select record in table
[app]_user

group_id=auth.add_group(role='Manager')
auth.add_membership(group_id,auth.user.id)
auth.add_permission(group_id,'select','[app]_user')

or to delete users

auth.add_permission(group_id,'delete','[app]_user')

get the idea?.... I think I have been following (or tried to) the
advice of some of the members here like Yarko, Ceej, Bill, Fran, and
others.

There is a lot more stuff in there (like decorators that enforce
permissions) that needs polishing and documenting.

This is not yet the end of the story but if you need Auth, Crud, you
can start using these.

Massimo
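
The group, membership and permission calls in the post above, modelled as a small stand-alone check (an added example, not part of the original post and not web2py's implementation). `MiniAuth`, `authorize` and the numeric results are assumptions made for illustration; the table name `app_user` stands in for `[app]_user`.

```python
# Added illustration: a toy deny-by-default permission model, not web2py code.
CRUD_ACTIONS = ("select", "create", "read", "update", "delete")

class MiniAuth:
    def __init__(self):
        self.groups = {}           # group_id -> role name
        self.memberships = set()   # (group_id, user_id)
        self.permissions = set()   # (group_id, action, table)
        self.user_id = None        # None: nobody is logged in

    def add_group(self, role):
        group_id = len(self.groups) + 1
        self.groups[group_id] = role
        return group_id

    def add_membership(self, group_id, user_id):
        self.groups[group_id]      # KeyError on an unknown group
        self.memberships.add((group_id, user_id))

    def add_permission(self, group_id, action, table):
        self.groups[group_id]      # KeyError on an unknown group
        self.permissions.add((group_id, action, table))

    def has_permission(self, action, table):
        if self.user_id is None:
            return False
        return any((g, action, table) in self.permissions
                   for g, u in self.memberships if u == self.user_id)

def authorize(auth, args):
    """Decide on a request whose URL tail is args, e.g. ['read', 'app_user', '1']."""
    if len(args) < 2 or args[0] not in CRUD_ACTIONS:
        return 400                 # malformed request or unknown action
    if auth.user_id is None:
        return 401                 # anonymous: must log in first
    if not auth.has_permission(args[0], args[1]):
        return 403                 # logged in, but no group grants this
    return 200

def demo():
    auth = MiniAuth()
    group_id = auth.add_group(role="Manager")
    auth.add_membership(group_id, 1)                      # constructed user id
    auth.add_permission(group_id, "select", "app_user")
    results = [authorize(auth, ["select", "app_user"])]   # nobody logged in yet
    auth.user_id = 1
    results.append(authorize(auth, ["select", "app_user"]))
    results.append(authorize(auth, ["delete", "app_user", "1"]))
    return results

if __name__ == "__main__":
    print(demo())
```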

Wes James

Jan 23, 2009, 3:32:22 PM
to web...@googlegroups.com
On Fri, Jan 23, 2009 at 12:10 PM, mdipierro <mdip...@cs.depaul.edu> wrote:
>
> I am reposting this because I renamed the file
>
> I have a preliminary version of inclusion of T2 functionality into
> web2py core. I am not yet promising backward compatibility here. The
> module name may change. For now it is in trunk as gluon/utils.py
>
> Here is how you use it (assuming [app] is your application name).
>
> 1) put this in your model
<snip>

is it now data or still database?

> http://..../[app]/default/data/tables
> http://..../[app]/default/data/select/[app]_event
> http://..../[app]/default/data/create/[app]_event
> http://..../[app]/default/data/read/[app]_event/1
> http://..../[app]/default/data/update/[app]_event/1
> http://..../[app]/default/data/delete/[app]_event/1
>

<snip>

> auth.settings.captcha=RECAPTCHA(request,public_key='RECAPTCHA_PUBLIC_KEY',private_key='RECAPTCHA_PRIVATE_KEY')
>
> so that registration will use recaptcha
>
> then add

I put this in and restarted web2py (continued below)

> crud.auth=auth
>
> so that crud will enforce role based access control....

> now you lost the permission to access http://.../database/....
>
> now give yourself back permission *only* to select record in table
> [app]_user

but did not put these in and I can still get to database tables (do
these go in db.py just as you have them, except [app], of course)??

also above, /data/ or /database/??

> group_id=auth.add_group(role='Manager')
> auth.add_membership(group_id,auth.user.id)
> auth.add_permission(group_id,'select','[app]_user')
>
> or to delete users
>
> auth.add_permission(group_id,'delete','[app]_user')
>

<snip>

-wj

Wes James

Jan 23, 2009, 3:51:02 PM
to web...@googlegroups.com
On Fri, Jan 23, 2009 at 1:32 PM, Wes James <comp...@gmail.com> wrote:
> On Fri, Jan 23, 2009 at 12:10 PM, mdipierro <mdip...@cs.depaul.edu> wrote:
>>
>> I am reposting this because I renamed the file
>>
>> I have a preliminary version of inclusion of T2 functionality into
>> web2py core. I am not yet promising backward compatibility here. The
>> module name may change. For now it is in trunk as gluon/utils.py
>>

>


> but did not put these in and I can still get to database tables (do
> these go in db.py just as you have them, except [app], of course)??
>

>> group_id=auth.add_group(role='Manager')
>> auth.add_membership(group_id,auth.user.id)
>> auth.add_permission(group_id,'select','[app]_user')

never mind on this part. I went to a browser that I was not logged in
to the site and it gives errors like it should.

-wes

Wes James

Jan 23, 2009, 3:53:55 PM
to web...@googlegroups.com

Sorry again, i went from 127.0.0.1 to a real ip address in trying to
test the email part (still haven't received an email)

Anyway I can view the database with crud.auth=auth in db.py.
(shouldn't be able to right?)

-wj

Wes James

Jan 23, 2009, 4:09:08 PM
to web...@googlegroups.com
On Fri, Jan 23, 2009 at 12:10 PM, mdipierro <mdip...@cs.depaul.edu> wrote:
>
> I am reposting this because I renamed the file
>
> I have a preliminary version of inclusion of T2 functionality into
> web2py core. I am not yet promising backward compatibility here. The
> module name may change. For now it is in trunk as gluon/utils.py
>


tried retrieve password and got:

gluon/utils.py", line 571, in retrieve_password
self.settings.mailer.send(to=form.vars.email,
AttributeError: 'NoneType' object has no attribute 'send'

-wj

mdipierro

Jan 23, 2009, 7:16:08 PM
to web2py Web Framework
you did not do the Mail part

mail=Mail()
mail.server='...'
mail.sender='...'
mail.login='...'
auth.settings.mailer=mail

Massimo

On Jan 23, 3:09 pm, Wes James <compte...@gmail.com> wrote:

Wes James

Jan 23, 2009, 10:54:21 PM
to web...@googlegroups.com
I have a copy here. This is what I have:

from gluon.utils import *
auth=Auth(globals(),db)
auth.define_tables()
crud=Crud(globals(),db)

# so that registration requires email verification

mail=Mail()
mail.settings.server='...'
mail.settings.sender='...'
mail.settings.login=''
auth.settings.mail=mail

# so that registration will use recaptcha
#auth.settings.captcha=RECAPTCHA(request,public_key='RECAPTCHA_PUBLIC_KEY',private_key='RECAPTCHA_PRIVATE_KEY')

crud.auth=auth

-wj

mdipierro

Jan 23, 2009, 11:07:08 PM
to web2py Web Framework
auth.settings.mailer=mail

On Jan 23, 9:54 pm, Wes James <compte...@gmail.com> wrote:
> I have a copy here.  This is what I have:
>
> from gluon.utils import *
> auth=Auth(globals(),db)
> auth.define_tables()
> crud=Crud(globals(),db)
>
> # so that registration requires email verification
>
> mail=Mail()
> mail.settings.server='...'
> mail.settings.sender='...'
> mail.settings.login=''
> auth.settings.mail=mail
>
> # so that registration will use recaptcha
> #auth.settings.captcha=RECAPTCHA(request,public_key='RECAPTCHA_PUBLIC_KEY',private_key='RECAPTCHA_PRIVATE_KEY')
>
> crud.auth=auth
>
> -wj
>
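
An added example (not from the thread and not web2py code) of the failure discussed above, where the mailer was assigned to `auth.settings.mail` while the code reads `settings.mailer`. `LooseSettings`, `StrictSettings`, `RecordingMailer`, `send_verification` and `configure` are hypothetical names; the address, subject and key are constructed.

```python
# Added illustration, not web2py code: catching a misnamed setting early.
class LooseSettings:
    """Accepts any attribute name, so a typo is stored and never read."""
    mailer = None

class StrictSettings:
    """Rejects names outside a fixed set, so a typo fails at configuration time."""
    _known = ("mailer", "captcha")
    mailer = None
    captcha = None

    def __setattr__(self, name, value):
        if name not in self._known:
            raise AttributeError("unknown setting %r (known: %s)"
                                 % (name, ", ".join(self._known)))
        object.__setattr__(self, name, value)

class RecordingMailer:
    """Stand-in mailer that records messages instead of sending them."""
    def __init__(self):
        self.outbox = []

    def send(self, to, subject, message):
        self.outbox.append((to, subject, message))
        return True

def send_verification(settings, email, key):
    """Return 'pending' only if a verification mail really went out."""
    mailer = settings.mailer
    if mailer is None:
        raise RuntimeError("no mailer configured: refusing to register "
                           "an unverified account")
    if not mailer.send(to=email, subject="Verify your address",
                       message="verification key: %s" % key):
        raise RuntimeError("verification mail could not be sent")
    return "pending"

def configure(settings_cls, attribute):
    """Assign a mailer under the given attribute name; report what happened."""
    settings = settings_cls()
    try:
        setattr(settings, attribute, RecordingMailer())
    except AttributeError:
        return "rejected at configuration"
    try:
        return send_verification(settings, "user@example.com", "constructed-key")
    except RuntimeError:
        return "refused at registration"
```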

Wes James

Jan 23, 2009, 11:15:58 PM
to web...@googlegroups.com
ah - ok - i just copied from your original email ;)

also any ideas about the recaptcha error?

thx!

Fran

Jan 26, 2009, 5:26:17 PM
to web2py Web Framework
On Jan 23, 7:10 pm, mdipierro <mdipie...@cs.depaul.edu> wrote:
> I have a preliminary version of inclusion of T2 functionality into
> web2py core. I am not yet promising backward compatibility here. The
> module name may change. For now it is in trunk as gluon/tools.py

I just started looking at this...porting my app to use this (as I
assume that T2's version will stagnate & future development will focus
here, right?)

The strings in the Auth & Crud classes should be localisable via T().

The fact that all Auth functions are off a single function means that
we need a view which has different options depending on the arg, e.g.:
<h1>
{{if request.args[0]=='register':}}
Register
{{elif request.args[0]=='login':}}
Login
{{pass}}
</h1>

We should have an example of this in the welcome app to avoid everyone
having to reinvent this wheel.

When I register() I get a message 'verification email sent' even when
I've not yet set 'auth.settings.mailer=mail'
- ideally user would be automatically logged-in (as per nemik's Patch:
http://groups.google.com/group/web2py/msg/175ceca92b19713b)
I can login with the just-registered user (no email actually sent).
Then I get redirected to the user/register screen which is unexpected.

I'll keep hacking away :)

F

mdipierro

Jan 26, 2009, 11:33:31 PM
to web2py Web Framework
Not necessarily.

You can do

def user(): return dict(form=auth())

or

def login(): return dict(form=auth.login())
def register(): return dict(form=auth.register())
....

In the second case the syntax is similar to T2.

Massimo