[web2py] logging into a web2py application from another app by passing username/password

Sun, 17 Feb 2013 10:43:31 -0800 

Currently I have an application (A) that redirects the user to a web2py 
application (B) to log in.  I want to change it so that the application A 
instead calls B with a username/password and gets back dict(user:user) 
where user is the result of auth.login_bare(username,password).  I have 
made a web2py app to mock A calling B with a Post.  I have also created the 
method in B to accept the data.   Controllers provided below.  When I make 
the call, A is correctly getting the user information based on whether or 
not B is able to log in the user.  However, when I try to navigate around 
application B's pages that are behind login, I'm told that I am not logged 
in.  

For a quick sanity check, I also created a controller marked C, that uses 
the auth.login_bare and not a POST and it works to log me into B

Can anyone please provide insight into what I need to be doing differently 
to allow A to log into B by passing username/password?


A
def test_remote_login():
    form = SQLFORM(db.remote_login).process()
    if form.accepted:
        username = form.vars.remote_login_username
        password = form.vars.remote_login_password
        access_method = form.vars.access_method
        import httplib, base64, urllib
        params = urllib.urlencode({'username':username,
                                    'password':password
                                    })
        base64string = base64.encodestring('%s:%s' % (username , 
password))[:-1]
        username_password_combo = "Basic " + base64string
        headers = {"Content-type": "application/x-www-form-urlencoded", 
"Accept": "text/plain", "Authorization": username_password_combo}
        conn = httplib.HTTPConnection(task_tracker_host_defined)
        connection_url = '/tasktracker3/default/remote_login' + 
access_method
        conn.request("POST", connection_url, params, headers)
        r1 = conn.getresponse()
        data1 = r1.read()
        conn.close()
        response.flash='Accepted'
    return locals()


B
@request.restful()
def remote_login():
    def POST(username,password):
        user = auth.login_bare(username,password)
        return dict(user=user)
    return locals()

C
def test_remote_login():
    username = request.args(0)
    password = request.args(1)
    user = auth.login_bare(username,password)
    return dict(user=user)

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to