I think the options should be: registration_key= - '' (login allowed) - '<uuid>' (login not allowed, email sent, waiting for verification) - 'pending' (login blocked, registration needs approval) - 'blocked' (login blocked, registration disabled) - 'reset:<time>:<uuid>' (login allowed, email sent, waiting for password reset)
<time> should be used to expire the password reset. The only new case is the last one but login check needs change. Massimo On Nov 30, 7:34 pm, Thadeus Burgess <thade...@thadeusb.com> wrote: > +1 for the registration_key > > But the only problem is the registration_key should change each time the > password is to be changed ? > > -Thadeus > > On Mon, Nov 30, 2009 at 5:58 PM, mdipierro <mdipie...@cs.depaul.edu> wrote: > > thank you. This was needed. I will take a look asap. The only issue is > > that this new mechanism should be the default if the ath_user table > > has the new reset_password_field, esle it should revert to the old > > mechanism (in case people have custom tables) for backward > > compatibility. > > > I wonder if this can be done using registration_key instead of > > reset_password_field. It would make life easier because we would not > > need to trigger a database migration. > > > Massimo > > > On Nov 30, 5:19 pm, Wes James <compte...@gmail.com> wrote: > > > Here are the changes I made in tools.py in web2py 1.73.1 > > > > added doc item in Auth: > > > > -http://.../{application}/{controller}/authentication/reset_password > > > > added Auth setting: > > > > self.settings.reset_password_next = self.url('user', > > args='login') > > > > added these messages: > > > > self.messages.reset_password = 'Click here:\n\nhttp://' + > > > request.env.http_host + '/' + request.application + '/' + > > > request.controller + '/reset_password' + '?key=%(reset_password_key)s > > > \n\nto reset your password' > > > self.messages.reset_password_subject = 'Password reset' > > > > self.messages.reset_password_log = 'User %(id)s Password reset' > > > > self.messages.label_reset_password_key = 'Reset Password key' > > > > addition to methods: > > > > def __call__..... > > > > elif args[0] == 'reset_password': > > > return self.reset_password() > > > > def define_tables..... added field below > > > > db.Field('reset_password_key', length=512, > > > writable=False, readable=False, default='', > > > label=self.messages.label_reset_password_key), > > > > def get_or_create_user.... added reset_password_key > > > > d = {username: keys[username], > > > 'first_name': keys.get('first_name', keys[username]), > > > 'last_name': keys.get('last_name', ''), > > > 'registration_key': '', > > > 'reset_password_key': ''} > > > > new method: > > > > def reset_password.... > > > > Attached is the new tools.py > > > > thx, > > > > -wes > > > > tools.py > > > 143KViewDownload > > > -- > > > You received this message because you are subscribed to the Google Groups > > "web2py-users" group. > > To post to this group, send email to web...@googlegroups.com. > > To unsubscribe from this group, send email to > > web2py+unsubscr...@googlegroups.com<web2py%2bunsubscr...@googlegroups.com> > > . > > For more options, visit this group at > >http://groups.google.com/group/web2py?hl=en. > > -- You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web...@googlegroups.com. To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/web2py?hl=en.
