OK. Then can you PLEASE tell me how should I write registration part
to use full power of the framework?
In controllers/default.py I have my custom form in def register().
I invoke it in views/default/register.html with:
{{=form}}
HOW DO I SAVE IT TO DATABASE???
I just need this information and everything will work just fine.
On 14 Sie, 11:48, mdipierro <mdipie...@cs.depaul.edu> wrote:
> You have two problems:
>
> 1)
>
> insert(....request.vars.password...)
> should be
> insert(...form.vars.password...)
>
> request.vars contains the raw data sent from user, form.vars contains
> the same data filtered by validators.
>
> 2)
>
> you are bypassing a lot of login that is normally performed by auth.
> For example you do not get default groups for new users. Eventually
> this will bite you.
>
> Massimo
>
> On Aug 14, 4:43 am, elfuego1 <elfue...@gmail.com> wrote:
>
> > When I look into database I can see the password in a readable form.
> > No hash there.
> > I tested registration on a standard cookbook application and the hash
> > there works for password field.
>
> > So I started thinking what am I doing wrong. And then it stuck me and
> > I think I found the problem.
> > When I was sending my form NOTHING was stored into database. I only
> > got a confirmation message: "Form accepted!".
> > So I thought about a work around and put all my code responsible for
> > storing data into database just below this part of my form:
>
> > if form.accepts(request.vars,session):
> > response.flash="Form accepted!"
> > db.auth_user.insert(username=request.vars.username,
>
> > password=request.vars.password,
>
> > first_name=request.vars.first_name,
>
> > last_name=request.vars.last_name)
>
> > So my question is where should I place this part of code to have my
> > data stored in DB and have CRYPT() method working?
> > Or maybe there is some other method to save form data into database?
> > For now only this worked for me. But it looks like my way of saving
> > form data into database backfired on me.
>
> > On 14 Sie, 10:15, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > this confirms that crypt is working. somehow it is not being called
> > > for you. I am very puzzled by this.
> > > How do you check the passwords are not hashed?
> > > Can you make a minimalist app to reproduce the problem and and email
> > > it to me?
>
> > > On Aug 13, 6:39 pm, elfuego1 <elfue...@gmail.com> wrote:
>
> > > > Requirements for password field in db.py file are as follows:
>
> > > > db.auth_user.password.requires =
> > > > [IS_STRONG(min=8,max=None,upper=None,lower=None,special=None,number=None,error_message='Too
> > > > short'),
> > > > CRYPT(auth.settings.hmac_key)]
>
> > > > there are aslo defined these parameters:
>
> > > > auth.settings.controller = 'default'
> > > > auth.settings.hmac_key='sha512:phraseforthepass'
>
> > > > I was not sure if I import enough modules so beside the obvious:
>
> > > > from gluon.tools import *
>
> > > > I aslo imported these two:
>
> > > > from gluon.utils import *
> > > > from gluon.validators import *
>
> > > > Massimo, after I added the part of code you suggested in my
> > > > registration page (register.html):
> > > > {{=CRYPT(auth.settings.hmac_key)('hello world')}}
>
> > > > I got this on the page in web browser:
>
> > > > ('ae0bd13943b9f20d94ee01dd121d26bbee315f269d309de6aacbfeeeefe6e1c9d75c3d1549dbf9cf2db8c0ecf9094c72cca33baac3944256815e6969fbc97830',
> > > > None)
>
> > > > On 14 Sie, 00:16, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > > > can you try
>
> > > > > print CRYPT(auth.settings.hmac_key)('hello world')
>
> > > > > what do you get? Did you set
>
> > > > > auth.settings.hmac_key='sha512:somerandompasphrase'
>
> > > > > On Aug 13, 12:39 pm, elfuego1 <elfue...@gmail.com> wrote:
>
> > > > > > I did as mr.freeze suggested and I added values for all parameters:
>
> > > > > > db.auth_user.password.requires =
> > > > > > [IS_STRONG(min=8,max=None,upper=None,lower=None,special=None,number=None,error_message='Too
> > > > > > short'),
> > > > > > CRYPT(auth.settings.hmac_key)]
>
> > > > > > It helped with my first problem. I don't get error_message any more.
> > > > > > Form is processed smoothly now.
>
> > > > > > BUT the password still isn't hashed...
>
> > > > > > I had found information about additonal parameter
> > > > > > auth.settings.controller = 'default'
>
> > > > > > and had added it in my db.py file. To no avail though :-(
>
> > > > > > On 13 Sie, 11:19, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > > > > > @elfuogo1, let us know if the problems are solved.
>
> > > > > > > On Aug 12, 10:36 pm, "mr.freeze" <nat...@freezable.com> wrote:
>
> > > > > > > > IS_STRONG is failing for a different reason but displaying your
> > > > > > > > error
> > > > > > > > message. The defaults are:
> > > > > > > > min=8, max=20, upper=1, lower=1, number=1, special=1
>
> > > > > > > > If you remove your error message, you will get a descriptive
> > > > > > > > message
> > > > > > > > for each failure. You can set each parameter to 0 to disallow
> > > > > > > > and to
> > > > > > > > None to not check.
> > > > > > > > db.auth_user.password.requires =
> > > > > > > > [IS_STRONG(min=8,max=None,upper=None,
>
> > > > > > > > lower=None,special=None,number=None,error_message='Too short'),
> > > > > > > > CRYPT(auth.settings.hmac_key)]
>
> > > > > > > > Perhaps the defaults should be less aggressive. Not sure on the
> > > > > > > > CRYPT, it hashes the password for me.
>
> > > > > > > > On Aug 12, 9:53 pm, elfuego1 <elfue...@gmail.com> wrote:
>
> > > > > > > > > Hi,
>
> > > > > > > > > I have a problem with two things in registration form.
>
> > > > > > > > > 1. Definition for password field in database looks as follows:
>
> > > > > > > > > db.auth_user.password.requires = [IS_STRONG(min=8
> > > > > > > > > ,error_message='Your
> > > > > > > > > password is too short!'), CRYPT(auth.settings.hmac_key)]
>
> > > > > > > > > But the form is not accepting passwords. Each time I want to
> > > > > > > > > send a
> > > > > > > > > form it shows me error message: 'Your password is too short',
> > > > > > > > > even if
> > > > > > > > > the password is much longer than required 8 signs.
> > > > > > > > > After removing 'min=8' parameter I'm able to save my form in
> > > > > > > > > database.
>
> > > > > > > > > 2. Although I have provided an encryption setting:
>
> > > > > > > > > auth.settings.hmac_key='sha512:something
>
> > > > > > > > > password is not encrypted in the database.
>
> > > > > > > > > Can you help me and tell me what I'm doing wrong? Am I
> > > > > > > > > missing some
> > > > > > > > > parameters?
