Hi, I'm going to rewrite a REST API made with webpy into web2py. This API is available only over https and I'd need to use basic auth.
It's an API available only to cmdline clients such as curl, wget and so on. I think there's an error on the documentation (http://www.web2py.com/ book/default/chapter/08#Access-control-and-Basic-authentication) because the settings key is instead allow_basic_login. I reviewed also the section on customizing the auth tables and I think there are some errors in that too. Anyway, lets start from the basics... >From what I read on the docs, to allow only basic authentication, I need to do the following: auth.define_tables(username=True) #to use the name as username instead of the email from gluon.contrib.login_methods.basic_auth import basic_auth #import basic_auth auth.settings.allow_basic_login = True #activate basic auth auth.settings.login_methods = [basic_auth()] #force to use only basic auth and session.forget() in every function in the control. Do I need to do anything else or is this correct ? Right now basic auth is working for curl and wget but if I point to the same url with a browser, I get to app/user/login?_next=etc etc etc . I'd like web2py to return a 401 simple error if username and password aren't supplied, just that.
