Authentication more flexible - how?

16 views
Skip to first unread message

blackthorne

unread,
Feb 12, 2009, 10:34:37 PM2/12/09
to web2py Web Framework
hi

I just gave a try to the new Authentication scheme. Seems very easy
and straight forward although I don't really understand how does it
work behind the scenes.

On the Authentication we have something like:
def user():
return dict(form = auth())
in a controller that will generate lots of links like:
http://locahost:8000/application/default/user/register
http://locahost:8000/application/default/user/login
http://locahost:8000/application/default/user/logout
...

I feel very dumb at present moment since I can't understand the magic
on the auth() to make this happen. I even gave a look at tools.py but
I missed understanding what is going on.
I was used to the model {application}/{controller}/{method}. Doesn't
this break with it?

More important than that...
How can I generate, in a single page, both login and register forms
since Auth() seems to generate them according the URL passed?

mdipierro

unread,
Feb 13, 2009, 12:08:21 AM2/13/09
to web2py Web Framework
You can do:

def user():
return dict(form = auth())

which looks in request.args[0] and exposes:

http://locahost:8000/application/default/user/register
http://locahost:8000/application/default/user/login
http://locahost:8000/application/default/user/logout
etc.
or

def register():
return dict(form = auth.register(next="login"))
def login():
return dict(form = auth.login(next="index"))
def logout():
return dict(form = auth.logout(next="login"))

which expose:

http://locahost:8000/application/default/register
http://locahost:8000/application/default//login
http://locahost:8000/application/default/logout
etc.
On Feb 12, 9:34 pm, blackthorne <Francisco....@gmail.com> wrote:
> hi
>
> I just gave a try to the new Authentication scheme. Seems very easy
> and straight forward although I don't really understand how does it
> work behind the scenes.
>
> On the Authentication we have something like:
> def user():
>     return dict(form = auth())
> in a controller that will generate lots of links like:http://locahost:8000/application/default/user/registerhttp://locahost:8000/application/default/user/loginhttp://locahost:8000/application/default/user/logout

Fran

unread,
Feb 13, 2009, 3:05:10 AM2/13/09
to web2py Web Framework
On Feb 13, 3:34 am, blackthorne <Francisco....@gmail.com> wrote:
> How can I generate, in a single page, both login and register forms
> since Auth() seems to generate them according the URL passed?

All you need in the view is:
{{=form}}

I prefix mine with this to make it more user-friendly, which you can
adapt as you like:
<h2>
{{if request.args[0]=='login':}}
Login
{{elif request.args[0]=='register':}}
Register
{{elif request.args[0]=='profile':}}
Profile
{{pass}}
</h2>

F

blackthorne

unread,
Feb 13, 2009, 9:47:17 AM2/13/09
to web2py Web Framework
Yes thank you but notice 2 different questions:
- How can you have both login and register forms in the same page?
request.args[0] can never be both...

- If I want to add more fields to the user registration more specific
to the application I want to create... how can I avoid having to
create 2 forms (one for Auth and other for user attributes that I
consider relevant to my application)?

Thank you

blackthorne

unread,
Feb 13, 2009, 10:01:07 AM2/13/09
to web2py Web Framework
Never mind my first question...
I see I can do:
return dict(form = auth.register(next="login"),form2 = auth.login
(next="index"))

mdipierro

unread,
Feb 13, 2009, 10:36:16 AM2/13/09
to web2py Web Framework
that would not work. I can change tools to make it work.

Massimo

mdipierro

unread,
Feb 13, 2009, 10:43:09 AM2/13/09
to web2py Web Framework
With the latest trunk this will work.

On Feb 13, 9:01 am, blackthorne <Francisco....@gmail.com> wrote:

blackthorne

unread,
Feb 15, 2009, 7:41:44 PM2/15/09
to web2py Web Framework
Thank you, good to know.

What about...
- If I want to add more fields to the user registration more specific
to the application I want to create... how can I avoid having to
create 2 forms (one for Auth and other for user attributes that I
consider relevant to my application)? In other words, how can I
customize the Auth forms?

mdipierro

unread,
Feb 15, 2009, 8:46:41 PM2/15/09
to web2py Web Framework
before

auth.define_tables()

you can do

auth.settings.table_user=....

to point it to your own user table with more fields.

Massimo

Yannick

unread,
Feb 16, 2009, 9:54:26 AM2/16/09
to web2py Web Framework
Hello mate.
Massimo you say:
> With the latest trunk this will work.

Where can i get the latest trunk so i can make the "register" and
"login" work on the same page ?

Thank You.

Cheers,
Yannick P.

blackthorne

unread,
Feb 16, 2009, 10:02:53 AM2/16/09
to web2py Web Framework
With SVN:
# Non-members may check out a read-only working copy anonymously over
HTTP.
svn checkout http://web2py.googlecode.com/svn/trunk/ web2py-read-only

mdipierro

unread,
Feb 16, 2009, 10:18:42 AM2/16/09
to web2py Web Framework
I keep the svn and bzr in sync but I always commit the bzr first. This
means that bzr comments are more extensive.
I suggest

bzr branch http://launchpad.net/~mdipierro/web2py/devel

Francisco Gama

unread,
Feb 16, 2009, 12:18:37 PM2/16/09
to web2py Web Framework
hi, thank you for your help.

I tried that with the following code (based on gluon/tools.py - method define_tables) that intended to make to make the "last_name" field optional instead of mandatory. Btw, parallel to what I want to show, I believe this example could be used as proof of concept on how to customize the authentication in AlterEgo (unless there is an easier way to do it...). Anyway, to the code:

from gluon.tools import Mail, Auth, Recaptcha db=SQLDB("sqlite://test.db") mail=Mail() ## specify your SMTP server mail.settings.server = 'smtp.yourdomain.com:25' ## specify your email address mail.settings.sender = 'y...@yourdomain.com' ## optional: specify the username and password for SMTP mail.settings.login = 'username@password' ## instantiate the Auth class (or your derived class) auth = Auth(globals(), db) auth.settings.table_user= db.define_table( auth.settings.table_user_name, db.Field('first_name'), db.Field('optional_last_name'), db.Field('email'), db.Field('password', 'password', readable=False), db.Field('registration_key', writable=False, readable=False), ) auth.settings.table_user.first_name.requires = IS_NOT_EMPTY() auth.settings.table_user.password.requires = CRYPT() auth.settings.table_user.email.requires = [IS_EMAIL(), IS_NOT_IN_DB(db, '%s.email' % auth.settings.table_user._tablename)] auth.settings.table_user.registration_key.default = '' ## ask it to create all necessary tables auth.define_tables()
====================
This code fails to work. I sneak into the web2py's source code and found out what I believe to be the source of the problem. There is a bug when handling manual defined user tables. It's just an indentation issue that makes a part of the default table_user code to be executed (even if you define it manually). I also found this bugs repeated in all other tables like this.
This patch intends to fix all the bugs of this type to (really) allow manual customization of the authentication tables.

Thank you

Massimo said:
before 
auth.define_tables() 
you can do 
auth.settings.table_user=.... 
to point it to your own user table with more fields. 
Massimo 

--
Francisco Gama

E-mail: black...@ironik.org
MSN: black...@ironik.org
ICQ: 58040653
Google Talk: franci...@gmail.com
Skype: francisco_gtr
Cell phone: +351 934420305
manual_auth_tables.patch

mdipierro

unread,
Feb 16, 2009, 12:24:37 PM2/16/09
to web2py Web Framework
oops. Thanks.

Massimo

On Feb 16, 11:18 am, Francisco Gama <francisco....@gmail.com> wrote:
> hi, thank you for your help.
> I tried that with the following code (based on gluon/tools.py - method
> define_tables) that intended to make to make the "last_name" field optional
> instead of mandatory. Btw, parallel to what I want to show, I believe this
> example could be used as proof of concept on how to customize the
> authentication in AlterEgo (unless there is an easier way to do it...).
> Anyway, to the code:
>
> from gluon.tools import Mail, Auth, Recaptcha db=SQLDB("sqlite://test.db")
> mail=Mail() ## specify your SMTP server mail.settings.server = '
> smtp.yourdomain.com:25' ## specify your email address mail.settings.sender =
> '...@yourdomain.com' ## optional: specify the username and password for SMTP
> E-mail: blacktho...@ironik.org
> MSN: blacktho...@ironik.org
> ICQ: 58040653
> Google Talk: francisco....@gmail.com
> Skype: francisco_gtr
> Cell phone: +351 934420305
>
> manual_auth_tables.patch
> 5KViewDownload

Francisco Gama

unread,
Feb 16, 2009, 12:29:20 PM2/16/09
to web2py Web Framework
Here is the above code in a file so that you don't lose indentation :)

--
Francisco Gama

E-mail: black...@ironik.org
MSN: black...@ironik.org
ICQ: 58040653
Google Talk: franci...@gmail.com
auth.py

blackthorne

unread,
Feb 16, 2009, 1:18:43 PM2/16/09
to web2py Web Framework
Consider this a small brainstorm..

OK, now with your fix to my first question my own fix to my second
"problems are solved", right?

Apart from that, don't you think that something should be done to make
this customization problem easier?

I mean... all those lines of code just to make an optional field...
I notice that though I haven't any good idea on how to make it better.

On Feb 16, 5:29 pm, Francisco Gama <francisco....@gmail.com> wrote:
> Here is the above code in a file so that you don't lose indentation :)
> --
> Francisco Gama
>
> E-mail: blacktho...@ironik.org
> MSN: blacktho...@ironik.org
> ICQ: 58040653
> Google Talk: francisco....@gmail.com
> Skype: francisco_gtr
> Cell phone: +351 934420305
>
>  auth.py
> 2KViewDownload
Reply all
Reply to author
Forward
0 new messages