>
> so far, I've only found so-called manual authentication in the manual:
>
> user = auth.login_bare(username, password)
>
> but I am not so sure if this is what I need for the case above. In
> particular, how could I obtain the corresponding password for the user
> here? And I suppose it is encrypted?
>
I think login_bare should work. The only problem is if you are using the
CRYPT validator on the password field (which you should be), login_bare
will pass the already hashed password (which is what you have in the user
record) through CRYPT again, which will re-hash it, and the resulting
re-hash will no longer match the original hash. To avoid this, you can
temporarily remove the validators from the password field for the login:
def program_login(user):
db.auth_user.password.requires = None
auth.login_bare(user.email, user.password)
That assumes email is used as the username (otherwise, use user.username
for the login).
Anthony
