On 20 Dec, 2005, at 3:08 pm, Jeremy Jones wrote:
Jeremy, I've applied your patch, but the problem I see is that it's now difficult to encrypt the password. I'm taking advantage of the CatWalk tool to add users and groups, but I don't see a convenient way to MD5 or SHA the password before stashing it in the DB. I guess this is really an example of why the Identity framework needs its own admin system. Maybe an extension of CatWalk... So here's the question: Would you rather have the MD5 & SHA code in the SqlObjectIdentityProvider to check passwords against MD5 and SHA hexdigests in the database but without the ability to easily encrypt the passwords (short of manually computing and storing an MD5 or SHA hash) or do we need to step back and think about a CRUDy interface for Identity? Jeff (Who's not had a tremendous amount of sleep, so this may all be gibberish.) |
- [TurboGears] Re: patch to identity module to allow md5 and sh... Jeff Watkins
