On Sep 21, 2009, at 12:02 AM, Fran wrote: > On Sep 21, 5:13 am, waTR <r...@devshell.org> wrote: >> Is it possible to convert the request.vars.get(passfied, '') to the >> same hash form as you would get from using form() ? > > Yes: > myhash = hmac.new(auth.settings.hmac_key, request.vars.get(passfield, > ''), hashlib.md5).hexdigest() > if myhash == db(db.auth.settings.table_user.id == myid).select > [0].password: > # we match > ... > > NB Code not fully-tested, but I hope you get the idea...
You're better off doing through the form (and the CRYPT instance), I think, since you'll automatically use the same hash method that the form does (which might not be md5). --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
