Hello Amber, You do not need to reinvent the wheel for this. Web2py can do it out of the box.
Application B. No special code. Just any web2py application that uses Auth and exposes the normal default/user action. Application A. Use decorators like @auth.requires_login() as normal but change auth = Auth(db) into auth = Auth(db,cas_provider = 'http://127.0.0.1:8000/applicaiton_B/default/user/cas') You can read more about this here: http://web2py.com/books/default/chapter/29/09?search=cas_provider If the two applications have different domains you need to add a line like this in application B. auth.settings.cas_domains.append('application_A_domain.com') On Sunday, 17 February 2013 12:43:28 UTC-6, Amber Doctor wrote: > > Currently I have an application (A) that redirects the user to a web2py > application (B) to log in. I want to change it so that the application A > instead calls B with a username/password and gets back dict(user:user) > where user is the result of auth.login_bare(username,password). I have > made a web2py app to mock A calling B with a Post. I have also created the > method in B to accept the data. Controllers provided below. When I make > the call, A is correctly getting the user information based on whether or > not B is able to log in the user. However, when I try to navigate around > application B's pages that are behind login, I'm told that I am not logged > in. > > For a quick sanity check, I also created a controller marked C, that uses > the auth.login_bare and not a POST and it works to log me into B > > Can anyone please provide insight into what I need to be doing differently > to allow A to log into B by passing username/password? > > > A > def test_remote_login(): > form = SQLFORM(db.remote_login).process() > if form.accepted: > username = form.vars.remote_login_username > password = form.vars.remote_login_password > access_method = form.vars.access_method > import httplib, base64, urllib > params = urllib.urlencode({'username':username, > 'password':password > }) > base64string = base64.encodestring('%s:%s' % (username , > password))[:-1] > username_password_combo = "Basic " + base64string > headers = {"Content-type": "application/x-www-form-urlencoded", > "Accept": "text/plain", "Authorization": username_password_combo} > conn = httplib.HTTPConnection(task_tracker_host_defined) > connection_url = '/tasktracker3/default/remote_login' + > access_method > conn.request("POST", connection_url, params, headers) > r1 = conn.getresponse() > data1 = r1.read() > conn.close() > response.flash='Accepted' > return locals() > > > B > @request.restful() > def remote_login(): > def POST(username,password): > user = auth.login_bare(username,password) > return dict(user=user) > return locals() > > C > def test_remote_login(): > username = request.args(0) > password = request.args(1) > user = auth.login_bare(username,password) > return dict(user=user) -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
