• 4318 views
  • 0 comments
  • loading...

The controller default exposes multiple actions:

To expose Auth, you also need the following function in a controller (for example in "default.py")
def user(): return dict(form=auth())

Controller can exposes multiple action witch handles user registration, login, logout, change password and more, see below. Note, the auth object and the user action are already defined in the scaffolding application.


Attributes / Arguments

Allows users to register. It is integrated with CAPTCHA, although this is disabled by default. This is also integrated with a client-side entropy calculator defined in "web2py.js". The calculator indicates the strength of the new password. You can use the IS_STRONG validator to prevent web2py from accepting weak passwords.

http://.../[app]/default/user/register

Allows users who are registered to log in (if the registration is verified or does not require verification, if it has been approved or does not require approval, and if it has not been blocked).

http://.../[app]/default/user/login

Does what you would expect but also, as the other methods, logs the event and can be used to trigger some event.

http://.../[app]/default/user/logout

Allows users to change their password in a fail-safe way.

http://.../[app]/default/user/change_password

If email verification is turned on, then visitors, upon registration, receive an email with a link to verify their email information. The link points to this action.

http://.../[app]/default/user/verify_email

By default, Auth uses email and password for login, but it can, optionally, use username instead of email. In this latter case, if a user forgets his/her username, the retrieve_username method allows the user to type the email address and retrieve the username by email.

http://.../[app]/default/user/retrieve_username

Allows users who forgot their password to request a new password. They will get a confirmation email pointing to reset_password.

http://.../[app]/default/user/retrieve_username

Allows a user to "impersonate" another user. This is important for debugging and for support purposes. request.args[0] is the id of the user to be impersonated. This is only allowed if the logged in user has_permission('impersonate', db.auth_user, user_id). You can use auth.is_impersonating() to check is the current user is impersonating somebody else.

http://.../[app]/default/user/impersonate

Lists the groups of which the current logged in user is a member.

http://.../[app]/default/user/groups

Displays an error message when the visitor tried to do something that he/she is not authorized to do

http://.../[app]/default/user/not_authorized


Examples

loading...


Comments

loading...

Powered by
Web2py

Hosted on
www.pythonanywhere.com
(affiliated link)