It shouldn't be hard to use hashes for usernames too, but there may be complications later when it comes to storing user sessions and needing user information in your session etc.
I think iy would br easier if you just encrypt the whole database and make web2py read the encrypted data transparently. You would need to check your database features and configuration for that and also configure web2py to use the database key when connecting etc. On Fri, 22 May 2020, 12:57 Kevin Keller, <keller...@gmail.com> wrote: > Without having checked the code, i am pretty sure that the builtin Auth > Modul of Web2py expects a plaintext email in the username field when > checking the credentials. > > I suppose now it fails as the encrypted email value does simply not match > the plaintext one. > > You would need to modify the Auth module to encrypt the plain text email > after submitting and then also checking against an encrypted value. During > user registration you would also need to insure user name encryption. > > This is in fact pretty much how passwords are stored, with a hash, so inr > way encryption and only the hashes are compared. > > > > On Fri, 22 May 2020, 12:15 Michele Serra, <mikele....@gmail.com> wrote: > >> Please answer! >> >> Il giorno martedì 21 aprile 2020 15:16:38 UTC+2, Michele Serra ha scritto: >>> >>> Anyone? please >>> >>> Il giorno venerdì 10 aprile 2020 12:38:02 UTC+2, Michele Serra ha >>> scritto: >>>> >>>> Hi, >>>> I use the email as the login credential, I tried to encrypt the email >>>> with >>>> >>>> db.auth_user.email.filter_in = lambda value : secure_dumps(value, >>>> enc_key) >>>> db.auth_user.email.filter_out = lambda value : secure_loads(value, >>>> enc_key) >>>> >>>> and it works well, in the database I see the encrypted data while from >>>> the appadmin I see the decrypted data. >>>> >>>> But when I try to login it fails, with an "INVALID LOGIN" >>>> Have you ever tried? >>>> What am I doing wrong? >>>> >>> -- >> Resources: >> - http://web2py.com >> - http://web2py.com/book (Documentation) >> - http://github.com/web2py/web2py (Source code) >> - https://code.google.com/p/web2py/issues/list (Report Issues) >> --- >> You received this message because you are subscribed to the Google Groups >> "web2py-users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to web2py+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/web2py/1f196a71-6224-4ee3-988b-d130bd19c53a%40googlegroups.com >> <https://groups.google.com/d/msgid/web2py/1f196a71-6224-4ee3-988b-d130bd19c53a%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/web2py/CADHCKLRYFY27EroXpa9jq9p48y8W2TqUWe7jS-o_osMv6zYCtg%40mail.gmail.com.
