I think the first table definition is more actual and cleaner than second and it's how I am actually doing it
On 21 mayo, 16:49, annet <annet.verm...@gmail.com> wrote: > I read chapter 8 of the web2py manual and some post on authentication > to get started (again) implementing a cms. > > I read about MD5 and SHA-512, and understand I have to provide a > secret key for this setting: auth.settings.hmac_key='<your secret > key>' Does this key have a specific format, e.g. 448a98e0-00fd-46b2- > ac4f-a14d2315b189? Or can I use any key? At the moment I am working in > web2py 1.76.5 does this version already use hmac + sha-512? > > Furthermore I would like to customize the auth_user table. In the > manual the proper way to define a user table is: > > auth_table = db.define_table(auth.settings.table_user_name, > Field('first_name', length=128, default=''), > Field('last_name', length=128, default=''), > Field('email', length=128, default='', unique=True), > Field('password', 'password', length=256, readable=False, > label='Password'), > Field('registration_key', length=128, default= '', writable=False, > readable=False)) > > auth_table.first_name.requires = > IS_NOT_EMPTY(error_message=auth.messages.is_empty) > auth_table.last_name.requires = > IS_NOT_EMPTY(error_message=auth.messages.is_empty) > auth_table.password.requires = [IS_STRONG(), CRYPT()] > auth_table.email.requires = > [IS_EMAIL(error_message=auth.messages.invalid_email), IS_NOT_IN_DB(db, > auth_table.email)] > auth.settings.table_user = auth_table > > In a workgroup post of 8 February I read this definition: > > auth.settings.table_user = db.define_table('auth_user', > Field('first_name', length=512,default=''), > Field('last_name', length=512,default=''), > Field('email', length=512,default='', requires = > [IS_EMAIL(),IS_NOT_IN_DB(db,'auth_user.email')]), > Field('password', 'password', readable=False, label='Password', > requires=CRYPT(auth.settings.hmac_key)), > Field('registration_key', length=512, writable=False, > readable=False,default=''), > Field('reset_password_key', length=512, writable=False, > readable=False, default='')) > > What is the reset_password_key for? I guess I'd better use the latter > table definition, don't I need any validators? > > Kind regards, > > Annet.