[web2py] Re: authentiction questions

2018-05-11 Thread Dave S 


On Wednesday, May 9, 2018 at 10:20:24 PM UTC-7, Dave S wrote:
>
>
> Ooops -- missed the instructions ...
>
> On Wednesday, May 9, 2018 at 4:53:04 PM UTC-7, Dave S wrote:
>>
>> Trying to set up a new user via script, and as usual it isn't going 
>> smoothly.  web2py 2.15.4, fronted by nginx
>>
>> Using adduser script, which I think I got from this group (or maybe from 
>> a pointer Massimo provided):
>>
>>  
>  """
>   Use of this script is like
>
> >>> from gluon.shell import exec_environment
> >>> auth=Auth(db)
> >>> session.db = db
> >>> session.auth = auth
> >>> other=exec_environment('applications/uploafer/scripts/adduser.py', 
> session=session)
>
> """
>
> [ and that should be done in the usual -M -S (interactive) shell]
>
>
>> import gluon.tools
>>
>> auth = session.auth
>> db   = session.db
>> new_user = auth.register_bare(email='easym...@example.com', 
>> password='4mark2easy')
>> print (new_user)
>> if new_user:
>>   new_user.update_record(registration_key='') # This approves the 
>> registration - can be done later
>> db.commit()
>> print (other_stuff_from_auth)
>>
>>
>> This successfully adds a new user, but when  the new user tries to login, 
>> more times than not the result is "invalid login".  (The login form is the 
>> out-of-the-box one via default/user.)  Sometimes, it works on the first 
>> try.
>>
>> Q1:  Why does the login often fail?
>>
>
No ideas out there?  
 

>
>> The script doesn't update an existing user; register_bare() and its 
>> underwiring check for newness (as in !IS_IN_DB()), so it doesn't work as 
>> a reset password tool.  The reset-password-email technique doesn't work 
>> here, because not all of these users have valid email addresses.  I can use 
>> port forwarding to use appadmin, but the server command line is easier 
>> in this setup.
>>
>> Q2:  Is there an easy way to script resetting a user's password?  
>>
>> Some of these accounts should only be used on a short-term basis.  I can 
>> manually reset the password, or delete the user, but I'd like a failsafe 
>> mechanism in case I forget:
>>
>> Q3:  Is there a way to automatically expire a password?
>>
>> I have a function with the @request.restful() decorator; it should 
>> require login as well.
>>
>> Q4: Can I use @auth.requires_login() with @request.restful()
>>
>>
>> Thanks.
>>
>> Dave
>> /dps
>>
>>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: authentiction questions

2018-05-09 Thread Dave S 

Ooops -- missed the instructions ...

On Wednesday, May 9, 2018 at 4:53:04 PM UTC-7, Dave S wrote:
>
> Trying to set up a new user via script, and as usual it isn't going 
> smoothly.  web2py 2.15.4, fronted by nginx
>
> Using adduser script, which I think I got from this group (or maybe from a 
> pointer Massimo provided):
>
>  
 """
  Use of this script is like

>>> from gluon.shell import exec_environment
>>> auth=Auth(db)
>>> session.db = db
>>> session.auth = auth
>>> other=exec_environment('applications/uploader/scripts/adduser.py', 
session=session)

"""

 

>
> import gluon.tools
>
> auth = session.auth
> db   = session.db
> new_user = auth.register_bare(email='easym...@example.com', 
> password='4mark2easy')
> print (new_user)
> if new_user:
>   new_user.update_record(registration_key='') # This approves the 
> registration - can be done later
> db.commit()
> print (other_stuff_from_auth)
>
>
> This successfully adds a new user, but when  the new user tries to login, 
> more times than not the result is "invalid login".  (The login form is the 
> out-of-the-box one via default/user.)  Sometimes, it works on the first 
> try.
>
> Q1:  Why does the login often fail?
>
> The script doesn't update an existing user; register_bare() and its 
> underwiring check for newness (as in !IS_IN_DB()), so it doesn't work as 
> a reset password tool.  The reset-password-email technique doesn't work 
> here, because not all of these users have valid email addresses.  I can use 
> port forwarding to use appadmin, but the server command line is easier in 
> this setup.
>
> Q2:  Is there an easy way to script resetting a user's password?  
>
> Some of these accounts should only be used on a short-term basis.  I can 
> manually reset the password, or delete the user, but I'd like a failsafe 
> mechanism in case I forget:
>
> Q3:  Is there a way to automatically expire a password?
>
> I have a function with the @request.restful() decorator; it should 
> require login as well.
>
> Q4: Can I use @auth.requires_login() with @request.restful()
>
>
> Thanks.
>
> Dave
> /dps
>
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.