On Apr 21, 10:41 pm, mdipierro <mdipie...@cs.depaul.edu> wrote: > It is crytical that the my_hmac_key in your example be the same as > auth.settings.hmac_key > > On Apr 21, 10:09 pm, Jonathan Lundell <jlund...@pobox.com> wrote: > > > > > On Apr 21, 2010, at 7:09 PM, mdipierro wrote: > > > > NO. You cannot use > > > > password=IS_CRYPT()(passwd)[0]) > > > > You must use > > > > password=db.auth_user.password.requires[0](passwd)[0]) > > > > the reason is that IS_CRYPT() by default uses MD5 while if you pass a > > > key IS_CRYPT(key='sha521:blabla') is uses better algorithms (for > > > example hmac+sha512). So to encrypt the password you have to use the > > > same IS_CRYPT(key='...') that you used when defining the model. > > > > When you create a new app from admin, auth uses hmac+sha512. > > > FWIW (and I'm not sure it's responsive to the original question), I use > > something like this: > > > uid = auth.get_or_create_user(dict(username='xxx', first_name='fff', > > last_name='lll', > > email='whate...@localhost', password=hmac.new(my_hmac_key, 'hey!', > > sha512).hexdigest(), registration_key="")) > > auth.add_membership(gid_admin, uid) > > > --
Massimo, I tried your way however it doesn't set the password, (it is None in appadmin). Could you elaborate more on your example? -- Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
