Jon,
You MUST have to access the form before send your POST message, to access
the CSRF token sended from web2py. This is a security solution that
disallow other people to send undesired messages to your app.
Best Regards,
José Ricardo Borba
2015-08-05 10:37 GMT-03:00 Jon M. <lej...@gmail.com>:
> Thanks for the support and figuring it out with the community!
>
> Providing answers in the right order:
>
> @Anthony, the HTTPS protocol is not yet implemented, first we need the
> transactions fully working, so HTTP protocol is used meanwhile. We're not
> using web browsers, is the Android App that generates a POST with JSON
> request, that is:
>
> "{entry_value=<data_used_by_functions>}"
>
> As if you were using curl for generating POSTs, the auth is provided with
> credential, classic username and password strings (for now).
>
> @Anthony, @Dave_S, as said above, the Android sends this vía web with HTTP
> with JSON, the development is done in a PC connected to local LAN, so, the
> Android device with it's own native application generates curl like
> request, and sends it to the PC's IP within the LAN. And in another version
> of the same native Android app, it communicates to the same web2py project
> hosted in pythonanywhere. The guys in pythonanywhere told me that the issue
> has nothing to do with the server provided by them, they said that the CSRF
> token could be expired.
>
> Could the issue be the:
>
> auth.settings.allow_basic_login = True
> @auth.requires_login()
>
> In the different functions that exchange or bring the auth credential. Can
> it be lost after certain number of hops between functions? Is that a misuse
> of those two rows of authentication method in the default.py?
>
> Thanks again! :D
>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
--
José Ricardo Borba
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
