My main concern is that with this being a desktop app that I don't want to have to keep the latest versions of those files on the client machines.
I switched my desktop authorization to read the Windows username and then match it to a username in the auth_user table and rely on the Windows authentication to ensure that user is logged in properly. I validate that they are on the proper domain and they are logged in with an id in the table. Now I don't need to worry about keep those files current on multiple clients. -Jim On Thursday, November 15, 2012 2:01:12 PM UTC-6, Niphlod wrote: > > ehm.... validators.py (if not all, just crypt and lazycrypt, plus > Validator original class), utils.py and pbkdf2 is all you need. > > On Thursday, November 15, 2012 6:32:03 PM UTC+1, Jim S wrote: >> >> Sounds like there is no easy way to do it. I looked through that code >> and it seems pretty involved. I was hoping to do this without needing the >> web2py libs and such. >> >> -Jim >> >> On Thursday, November 15, 2012 11:14:09 AM UTC-6, Niphlod wrote: >>> >>> https://github.com/web2py/web2py/blob/master/gluon/tools.py#L1776 >>> that basically calls the validators attached by default to a password >>> field >>> https://github.com/web2py/web2py/blob/master/gluon/tools.py#L1479 >>> i.e. you just have to import the validator CRYPT and check with that >>> passing the correct parameters >>> https://github.com/web2py/web2py/blob/master/gluon/validators.py#L2659 >>> >>> PS: CRYPT was easier to follow before the introduction of the pdfbk2 >>> algo, but it's quite straightforward if you are willing to cut off >>> backward-compatibility >>> (that required lazycrypt >>> https://github.com/web2py/web2py/blob/master/gluon/validators.py#L2581) >>> >>> --
