> > > It looks like WooCommerce makes a POST request, so the values posted > > should end up in request.post_vars. > > maybe I don't understand... what I think I need to check is the raw body > of the request... isn't it? How should I check the request.post_vars? > Isn't it a dictionary or a Storage object? >
You could parse the request body yourself, but web2py will do it automatically and put the variables in request.post_vars (if JSON is posted, its keys will become the keys of request.post_vars). I'm not sure what you mean by "check the request.post_vars". If there are variables you are expecting in the posted body, they will be in request.post_vars. Looking at the example log here <https://docs.woocommerce.com/document/webhooks/>, it looks like you might expect request.post_vars.action and request.post_vars.arg. The "action" value will also be in one of the request headers. Not sure if you need or care about "arg". > > and I don't think there is much gained by putting it inside > > ok... but why not? > It's just another level of indirection for no benefit. Actually, if the @auth.requires check fails, it will end up redirecting to the web2py Auth "not_authorized" HTML page (with a 200 response). A better response would simply be to raise an HTTP(403) exception. Anthony -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
