Hi Niphlod,
Here is my report on your suggestion:
> BTW3: to pass around an app just log into admin and hit "create package"
> (or tar.gz the entire applications/myapp folder and load it locally with
> "upload package")
On webfaction-web2py-admin:
for myapp clicked the "Pack all" button & downloaded
"web2py.app.myapp.w2p" to myLocalMachine
On myLocalMachine in web2py-admin :
1. deleted myapp
2. in Upload and install packed application:
1. Application name: myapp
2. Upload a package: path-to/ web2py.app.myapp.w2p
3. Or Get from URL: <LEFT BLANK>
4. [ ] Overwrite installed app # left this checkbox UNCHECKED
5. Clicked "Install"
6. Flash said: application myapp installed with md5sum:
7632e93e985802371a0071a4daca49c7
TO TEST
1. Tried logging in with all 4 {email, pw} sets that work on webfaction:
RESULT:
myLocalMachine COULD NOT LOGIN - returning to the login page without
comment.
webfaction LOGINS JUST FINE
2. There is one user on webfaction waiting registration approval. Testing
that {email,pw} RESULT
myLocalMachine COULD NOT LOGIN - returning to the login page without
comment.
webfaction FLASH RESPONSE - "Registration is pending approval"
3. Inspecting myLocalMachine in Database Administration RESULT:
a. all 5 of the users on webfaction are also on myLocalMachine
b. all 5 of the users on myLocalMachine have passwords that begin with
"pbkdf2(1000,20,sha512)$"
4. On myLocalMachine in Database Administration,
a. I click [ insert new auth_user ] and insert
First name: local
Last name: user
E-mail: lo...@here.com
Password: localuserpw
Registration key: none
Reset Password key: none
Registration identifier: none
b. RESULTS:
1. flash response: new record inserted
2. Password for lo...@here.com begins with
"pbkdf2(1000,20,sha512)$" NOT "sha512" as in my original post.
3. On myLocalMachine, when i try to login with { lo...@here.com,
localuserpw} - COULD NOT LOGIN
- it returned to the login page without comment.
OK so I think I still need some help with "fix"ing CRYPT differences
between Windows and Linux.
Thanks in advance.
Love and peace,
Joe
On Thursday, December 6, 2012 4:34:23 PM UTC-8, JoeCodeswell wrote:
>
> Dear Niphlod,
>
> Thanks for the reply.
>
> appadmin.py ships with the application, so if you really copied the
>> "controllers" folder you'd have the same file.
>
> Of course you are right. I only copied the files i [thought i] had
> changed. That's why i was surprised to find that
> appadmin.py.windows != appadmin.py.linux
>
> BTW, pbkdf2 was introduced ~2 months ago
>>
> I created myapp on the Linux [webfaction] machine yesterday. I tried to
> copy it to my Windows [home] machine today.
>
> BTW2: if you copied an app that used the sha512 algo an tried to load it
>> into a *newer* web2py release...
>
> I am trying to copy myapp FROM the Linux [webfaction] machine TO my
> Windows [home] machine. When I created myapp on the Linux machine, I
> created a myapp using the "New simple application create" function. I never
> [to my knowledge] altered anything related to CRYPT. So i believe the
> pbkdf2 algo was generated at app creation time on the Linux [webfaction]
> machine.
>
> BTW3: to pass around an app just ...
>
> Thanks BIG TIME for this. I will try these suggestions.
>
> BTW4: I seem to recall that very old python calculated hashes differently.
>
> I am using python 2.7 on BOTH the Windows and Linux machines.
>
> Thanks for the responses, Niphlod. I'll report back after trying BTW3.
>
> Thanks again, Niphlod.
>
> Love and peace,
>
> Joe
>
>
> On Thursday, December 6, 2012 12:19:40 PM UTC-8, Niphlod wrote:
>>
>> appadmin.py ships with the application, so if you really copied the
>> "controllers" folder you'd have the same file.
>> BTW, pbkdf2 was introduced ~2 months ago.
>> BTW2: if you copied an app that used the sha512 algo an tried to load it
>> into a *newer* web2py release, as soon as the user entered the password
>> would be updated to the pbkdf2 algo (unless you were using some explicit
>> IS_CRYPT() validator or the auth_key param on auth, I think).
>> BTW3: to pass around an app just log into admin and hit "create package"
>> (or tar.gz the entire applications/myapp folder and load it locally with
>> "upload package")
>> BTW4: I seem to recall that very old python calculated hashes
>> differently. However, it would not be the case unless BTW2 (some fixed
>> auth_key in auth instantiation or explicit IS_CRYPT() validator)
>>
>>
--
