I guess you could have wordpress set a cookie of some sort if they have
access, and then use that cookie in web2py to control access.
On Thursday, February 7, 2013 11:13:41 AM UTC-7, Kenneth wrote:
>
> Hi Michael,
>
> Am I understanding you solution completly wrong but isn't it so that
> web2py asks WP if a username and password compination is OK. In my case
> customer first logs into a WP site, he gets a list of manuals he has paid
> for. When selecting a manual he wants to read he is sent to a web2py site.
> Somehow WP has to tell web2py that it is OK to show the site for the user.
>
>
> Kenneth
>
>
> Hello Kenneth,
>
>
>> But how do I handle that WP takes care of authentication and somehow
>> gives the customer rights to view the manual.
>>
>>
> I had a similar problem. I added an XMLRPC method to my wordpress instance
> to check if a given username/password combination is valid and added an
> auth method to my web2py instance which calls that XMLRPC method.
>
> Wordpress Code:
>
> # custom remote auth
> add_filter( 'xmlrpc_methods', 'my_add_xml_rpc_methods' );
>
> function my_add_xml_rpc_methods( $methods ) {
> $methods['mh.testCredentials'] = 'test_credentials';
> return $methods;
> }
>
>
> function test_credentials( $params ) {
>
> global $wp_xmlrpc_server;
>
> $blog_id = (int) $params[0]; // not used, but follow in the form of
> the wordpress built in XML-RPC actions
> $username = $params[1];
> $password = $params[2];
> $args = $params[3];
>
> // verify credentials
> if ( ! $wp_xmlrpc_server->login( $username, $password ) ) {
> return False;
> }
>
>
> do_action( 'xmlrpc_call', 'mh.testCredentials' ); // patterned on the
> core XML-RPC actions
>
> // return success
> return True;
> }
>
> This is one of the tutorials I used when coming up with this:
> http://www.foxrunsoftware.net/articles/wordpress/extending-the-wordpress-xml-rpc-api/
>
> Now the web2py part - copy to ./gluon/contrib/login_methods/my_auth.py
>
> from wordpress_xmlrpc import Client
> from wordpress_xmlrpc import AuthenticatedMethod
> from wordpress_xmlrpc import InvalidCredentialsError
>
>
> class GetUserInfo(AuthenticatedMethod):
> method_name = "mh.testCredentials"
>
>
>
> def my_auth(server):
> """
> to use basic login with a different server
> from gluon.contrib.login_methods.basic_auth import basic_auth
> auth.settings.login_methods.append(basic_auth('http://server'))
> """
>
> def basic_login_aux(username,
> password,server=server):
> wp = Client(server, username, password)
> retVal = None
> try:
> retVal = wp.call(GetUserInfo())
> except InvalidCredentialsError:
> return False
> return retVal
> return basic_login_aux
>
>
>
> Now, where you configure your auth module, add this:
> from gluon.contrib.login_methods.my_auth import my_auth
> auth.settings.login_methods=[my_auth("http://mywordpress/xmlrpc.php";<http://mywordpress/xmlrpc.php>
> )] # smart people use https
> auth.settings.actions_disabled.append('register')
>
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+un...@googlegroups.com <javascript:>.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
>
>
--
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
