Hello,
yes you are right.
Are these tools not enough for the aproach of "scopes"
http://web2py.com/books/default/chapter/29/09/access-control#Authorization
and http://web2py.com/books/default/chapter/29/09/access-control#Decorators
?
I mean you are talking about allow certain users to certai
The "proper" way would be to define "scopes" in your application. Scopes
define who has access to which data.
You can also call it roles or tags or whatever.
Scopes is the term that is used by OAuth/OpenID connect, which is usually
used to secure APIs.
Normally you would get an OpenID (OIDC) ID To
Hello,
I used this workaround in a similar case:
@auth.requires_login()
@request.restful()
def myapi():
def GET():
response.view = 'generic.json'
myreg = db(db.mytable.created_by==auth.user.id).select() # Maybe in
your case mytable.user_id==auth.user.id
if myreg:
On Tuesday, January 16, 2018 at 3:55:30 AM UTC-5, yogeshwar khalkar wrote:
>
> Thanks Anthony
> I have done this.
>
> @request.restful()
> def login():
> def POST(username, password):
> user = auth.login_bare(username, password)
> return json(user)
> return locals()
>
>
> It
Thanks Anthony
I have done this.
@request.restful()
def login():
def POST(username, password):
user = auth.login_bare(username, password)
return json(user)
return locals()
Its working fine for me.
But, am I doing it rigth.
On Mon, Jan 15, 2018 at 9:55 PM, Anthony wrot
Check
out
http://web2py.com/books/default/chapter/29/09/access-control#Manual-Authentication.
Also, check
out
https://github.com/web2py/web2py/blob/623f3b99477eb97ffadb20d6f7cb3da398253c9c/gluon/authapi.py#L20,
which Auth is built on top of.
Anthony
On Monday, January 15, 2018 at 10:16:38
Which problem are you having?
Em sexta-feira, 24 de março de 2017 15:20:31 UTC-3, PK escreveu:
>
> @request.restful()
> def api():
> response.view = 'generic.json'
> def GET(*args,**vars):
> patterns = [
> "/wishBoxes[wishBoxes]",
> "/wishBoxes[wishBoxes]/{w
7 matches
Mail list logo
