In the controller you should ONLY use
form=auth.register()
DO NOT make the registration form with FORM, SQLFORM, accepts, etc.
If you need to add fields, define your own db.auth_user table
If you need to customize presentation use
{{=form.custom.begin}}
{{=form.custom.widget.first_name}}
....
{{=form.custom.widget.submit}}
{{=form.custom.end}}
insert any HTML you need. Use CSS and jQuery to style it.
On Aug 14, 5:03 am, elfuego1 <elfue...@gmail.com> wrote:
> OK. Then can you PLEASE tell me how should I write registration part
> to use full power of the framework?
>
> In controllers/default.py I have my custom form in def register().
> I invoke it in views/default/register.html with:
> {{=form}}
>
> HOW DO I SAVE IT TO DATABASE???
> I just need this information and everything will work just fine.
>
> On 14 Sie, 11:48, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > You have two problems:
>
> > 1)
>
> > insert(....request.vars.password...)
> > should be
> > insert(...form.vars.password...)
>
> > request.vars contains the raw data sent from user, form.vars contains
> > the same data filtered by validators.
>
> > 2)
>
> > you are bypassing a lot of login that is normally performed by auth.
> > For example you do not get default groups for new users. Eventually
> > this will bite you.
>
> > Massimo
>
> > On Aug 14, 4:43 am, elfuego1 <elfue...@gmail.com> wrote:
>
> > > When I look into database I can see the password in a readable form.
> > > No hash there.
> > > I tested registration on a standard cookbook application and the hash
> > > there works for password field.
>
> > > So I started thinking what am I doing wrong. And then it stuck me and
> > > I think I found the problem.
> > > When I was sending my form NOTHING was stored into database. I only
> > > got a confirmation message: "Form accepted!".
> > > So I thought about a work around and put all my code responsible for
> > > storing data into database just below this part of my form:
>
> > > if form.accepts(request.vars,session):
> > > response.flash="Form accepted!"
> > > db.auth_user.insert(username=request.vars.username,
>
> > > password=request.vars.password,
>
> > > first_name=request.vars.first_name,
>
> > > last_name=request.vars.last_name)
>
> > > So my question is where should I place this part of code to have my
> > > data stored in DB and have CRYPT() method working?
> > > Or maybe there is some other method to save form data into database?
> > > For now only this worked for me. But it looks like my way of saving
> > > form data into database backfired on me.
>
> > > On 14 Sie, 10:15, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > > this confirms that crypt is working. somehow it is not being called
> > > > for you. I am very puzzled by this.
> > > > How do you check the passwords are not hashed?
> > > > Can you make a minimalist app to reproduce the problem and and email
> > > > it to me?
>
> > > > On Aug 13, 6:39 pm, elfuego1 <elfue...@gmail.com> wrote:
>
> > > > > Requirements for password field in db.py file are as follows:
>
> > > > > db.auth_user.password.requires =
> > > > > [IS_STRONG(min=8,max=None,upper=None,lower=None,special=None,number=None,error_message='Too
> > > > > short'),
> > > > > CRYPT(auth.settings.hmac_key)]
>
> > > > > there are aslo defined these parameters:
>
> > > > > auth.settings.controller = 'default'
> > > > > auth.settings.hmac_key='sha512:phraseforthepass'
>
> > > > > I was not sure if I import enough modules so beside the obvious:
>
> > > > > from gluon.tools import *
>
> > > > > I aslo imported these two:
>
> > > > > from gluon.utils import *
> > > > > from gluon.validators import *
>
> > > > > Massimo, after I added the part of code you suggested in my
> > > > > registration page (register.html):
> > > > > {{=CRYPT(auth.settings.hmac_key)('hello world')}}
>
> > > > > I got this on the page in web browser:
>
> > > > > ('ae0bd13943b9f20d94ee01dd121d26bbee315f269d309de6aacbfeeeefe6e1c9d75c3d1549dbf9cf2db8c0ecf9094c72cca33baac3944256815e6969fbc97830',
> > > > > None)
>
> > > > > On 14 Sie, 00:16, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > > > > can you try
>
> > > > > > print CRYPT(auth.settings.hmac_key)('hello world')
>
> > > > > > what do you get? Did you set
>
> > > > > > auth.settings.hmac_key='sha512:somerandompasphrase'
>
> > > > > > On Aug 13, 12:39 pm, elfuego1 <elfue...@gmail.com> wrote:
>
> > > > > > > I did as mr.freeze suggested and I added values for all
> > > > > > > parameters:
>
> > > > > > > db.auth_user.password.requires =
> > > > > > > [IS_STRONG(min=8,max=None,upper=None,lower=None,special=None,number=None,error_message='Too
> > > > > > > short'),
> > > > > > > CRYPT(auth.settings.hmac_key)]
>
> > > > > > > It helped with my first problem. I don't get error_message any
> > > > > > > more.
> > > > > > > Form is processed smoothly now.
>
> > > > > > > BUT the password still isn't hashed...
>
> > > > > > > I had found information about additonal parameter
> > > > > > > auth.settings.controller = 'default'
>
> > > > > > > and had added it in my db.py file. To no avail though :-(
>
> > > > > > > On 13 Sie, 11:19, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > > > > > > @elfuogo1, let us know if the problems are solved.
>
> > > > > > > > On Aug 12, 10:36 pm, "mr.freeze" <nat...@freezable.com> wrote:
>
> > > > > > > > > IS_STRONG is failing for a different reason but displaying
> > > > > > > > > your error
> > > > > > > > > message. The defaults are:
> > > > > > > > > min=8, max=20, upper=1, lower=1, number=1, special=1
>
> > > > > > > > > If you remove your error message, you will get a descriptive
> > > > > > > > > message
> > > > > > > > > for each failure. You can set each parameter to 0 to disallow
> > > > > > > > > and to
> > > > > > > > > None to not check.
> > > > > > > > > db.auth_user.password.requires =
> > > > > > > > > [IS_STRONG(min=8,max=None,upper=None,
>
> > > > > > > > > lower=None,special=None,number=None,error_message='Too
> > > > > > > > > short'),
> > > > > > > > >
> > > > > > > > > CRYPT(auth.settings.hmac_key)]
>
> > > > > > > > > Perhaps the defaults should be less aggressive. Not sure on
> > > > > > > > > the
> > > > > > > > > CRYPT, it hashes the password for me.
>
> > > > > > > > > On Aug 12, 9:53 pm, elfuego1 <elfue...@gmail.com> wrote:
>
> > > > > > > > > > Hi,
>
> > > > > > > > > > I have a problem with two things in registration form.
>
> > > > > > > > > > 1. Definition for password field in database looks as
> > > > > > > > > > follows:
>
> > > > > > > > > > db.auth_user.password.requires = [IS_STRONG(min=8
> > > > > > > > > > ,error_message='Your
> > > > > > > > > > password is too short!'), CRYPT(auth.settings.hmac_key)]
>
> > > > > > > > > > But the form is not accepting passwords. Each time I want
> > > > > > > > > > to send a
> > > > > > > > > > form it shows me error message: 'Your password is too
> > > > > > > > > > short', even if
> > > > > > > > > > the password is much longer than required 8 signs.
> > > > > > > > > > After removing 'min=8' parameter I'm able to save my form
> > > > > > > > > > in database.
>
> > > > > > > > > > 2. Although I have provided an encryption setting:
>
> > > > > > > > > > auth.settings.hmac_key='sha512:something
>
> > > > > > > > > > password is not encrypted in the database.
>
> > > > > > > > > > Can you help me and tell me what I'm doing wrong? Am I
> > > > > > > > > > missing some
> > > > > > > > > > parameters?
