Hey Massimo,
You've steered me in the right direction.
Basically I've had to put in a pure opening html form element in, and then
use the custom form widgets afterwards. Works now. Resulting in:
<form action="user/login" method="post">
{{=form.custom.widget.email}}
{{=form.custom.widget.password}}
{{=form.custom.end}}
The
form['_action'] = URL('user/login')
or
form.attributes['_action'] = URL('user/login')
for some reason didn't want to work.
Cheers,
Rhys
On Sunday, May 6, 2012 3:50:52 PM UTC+10, Massimo Di Pierro wrote:
>
> This is because of the mechanism to prevent CSRF attacks.
> There are supposed to be two hidden fields, one is the formname. The other
> is the formkey (a unique onetime token).
>
> Try:
>
> {{
> form=auth.login()
> form['_action']=URL('user/login')
> }}
> {{=form.custom.begin}}
> {{=form.custom.widget.email}}
> {{=form.custom.widget.password}}
> <input type="submit" value="login">
> <input type="hidden" name="_next" value="/feed">
> {{=form.custom.end}}
>
>
> On Saturday, 5 May 2012 23:37:57 UTC-5, Rhys wrote:
>>
>> Hey Alan,
>>
>> I don't want to redirect. I'll try and to explain it a bit more.
>>
>> Basically I have two forms. One which is a drop down, in pure html
>>
>> <form action="/user/login" method="post">
>> <input type="hidden" name="_formname" value="login">
>> <input type="hidden" name="_next" value="/feed">
>> <input type="text" name="email" id="auth_user_email">
>> <input type="password" name="password" id="aut_user_password">
>> <input type="submit" value="login">
>> </form>
>>
>>
>>
>> ^ this Form is on every page which the user is not logged into. When they
>> fill out this form and click submit I want the /user/login page to process
>> it, but it is not doing so. When the page finds there is an error with the
>> login or the user is not authorised, I would like the /user/login form
>> which is exactly the same form as above but on another page with the drop
>> down one removed, to present there was an error with the login.
>>
>> Both forms I've done in html so there is no form key to process. I'm
>> trying to figure out why auth.login() doesn't process it as the
>> form.accepts() method in auth.login() has the same formname. What is
>> preventing it from being processed. It's driving me in sane. I'm stepping
>> through the code in debug mode and can't find why it would not process it.
>> It is basically a SQL form in html like described in the web2py book.
>>
>> Any insight would be great by any!
>>
>> On Sunday, May 6, 2012 12:19:49 AM UTC+10, Alan Etkin wrote:
>>>
>>> *auth.is_logged_in()* will return a bool object. True for authenticated
>>> user and I belive *auth.user_id* attribute is None for the non
>>> authenticated user. *auth *being the Auth class instance created by the
>>> welcome scaffolding application.
>>>
>>> You could use the returned values to catch unsuccessful authentication
>>> and redirect to the correct action
>>>
>>> There is an Auth setting for failed authentication (for example, it's
>>> possible to call a function on failed login)
>>> ("Settings and Messages", web2py book 4th edition, 9.3.7)
>>>
>>> auth.settings.on_failed_authentication = lambda url: redirect(url)
>>>
>>> On Saturday, May 5, 2012 9:51:23 AM UTC-3, Rhys wrote:
>>>>
>>>> I'm creating a custom drop down login form for all pages where the user
>>>> isn't logged in. Once they try and login through this form if it
>>>> is unsuccessful it redirects to the /user/login page with the auth.login
>>>> form. How do I get a error if the login has resulted in an invalid login.
>>>> As there are two forms I've tried also tried to do a form out of html so
>>>> there is no form key. Still no luck. Is it s simple variable I can use to
>>>> determine if it is successful?
>>>
>>>
