Hi, I have also been trying to migrate existing user accounts from phpbb to a web2py system. The below solution works well for registering new users, however in order to successfully validate these passwords during the login process I made some changes to the framework itself:
I have added into gluon/tools.py at line 1753 (latest stable version of web2py) at the end of the 'user is in db' clause of the login method of the Auth class. if self.phpbb_checkpw(temp_user[passfield], request.vars[passfield]): user = temp_user This phpbb_checkpw function returns True or False depending on whether or not the plaintext passwords (from form) matches the stored hash. This is an awkward way to do things and I am wondering if there are any hooks I can avail of in order to validate a user entered plaintext password against the stored hash and thus keep my custom code outside of the framework? Thanks! John On Dec 12, 3:24 pm, Massimo Di Pierro <massimo.dipie...@gmail.com> wrote: > yes. > > On Dec 12, 5:56 am, thodoris <pasxi...@gmail.com> wrote: > > > > > > > I am trying to migrate users fromphpBBwhose passwords have been encrypted > > with php_pass. There is a python module that mimics the functionality of > > php_pass and i am wondering what is the best way to override the default > > encryption of web2py. > > > Is it sufficient to override CRYPT() using something like: > > > db.auth_user.password.requires = MyCrypt() > > > Thanks