Good point, Anthony. I didn't remember the password was encrypted in a validator.
Shame on me, guys. ;-) On Thu, May 23, 2013 at 4:29 PM, Anthony <abasta...@gmail.com> wrote: > After auth.define_tables(), I think: > > db.auth_user.password.requires = None # or some other validator, such as > IS_STRONG() > > should do it. By default, the password field has a CRYPT() validator, which > does the hashing -- this would remove/replace that validator. > > However, this is not a good practice. I can see why you might initially want > to have the plain text of temporary passwords to distribute, but once a user > logs in and updates the password, why do you continue to need the plain text > of the updated password? > > Anthony > > On Thursday, May 23, 2013 4:44:52 AM UTC-4, Ahmad Faiyaz wrote: >> >> Hello, >> I am new on web2py. I am using it to develop a Programming Contest >> Management system. Now on a ONSITE Programming Contest , we have to >> distribute username and password printed on paper. So i have implemented a >> function which will generate user accounts automatically then print the >> passwords on a PDF. Web2py uses encrpytion to store the password, which is >> not retrievable. Now i can have a different table to store the passwords, >> but when i use use Auth to modify the password, i will be unable to update >> my own table. What to do now ? How i can disable encryption on auth_user >> table ? Can anyone help !! > > -- > > --- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to web2py+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
