Thanks Richard.
I had another look, and the database is in fact changing when I do a
password reset. The password after reset is sha512 + hmac using the
salt specified in the db.py. I checked it in code manually. I tried
to find a combination of algorithm that gave me the old hash, before
the password reset but with no luck. The salt in the db.py is exactly
the same in both installs. I think I may have to debug the old
installation to verify the salt that is used.
The problem is that I need to maintain the old passwords in the new
install.
On Feb 17, 3:51 pm, Richard Vézina <ml.richard.vez...@gmail.com>
wrote:
> Did you change the user of you DB?
>
> If yes, you have to change it in db.py in model this line (example for
> Postgres) :
>
> db=DAL('postgres://USERNAME:PASSW...@127.0.0.1:5432/NEWDBNAME')
>
> And if it coming from the auth at login... Just put a password directly into
> auth.user password field and go into your browser and use this password to
> logon.
>
> It could append that you have enforce the strength or encryption you will
> have to make your password conform to the rule of web2py strength
> enforcement or change this line in db.py in model :
>
> custom_auth_table.password.requires = [IS_STRONG
> <http://web2py.com/book/default/docstring/IS_STRONG>(), CRYPT
> <http://web2py.com/book/default/docstring/CRYPT>()]
>
> *
> *
>
> and remove : IS_STRONG(), CRYPT()
> so it read :
>
> custom_auth_table.password.requires = []
>
> Richard
>
>
>
>
>
>
>
> On Thu, Feb 17, 2011 at 6:01 AM, Matt <mattsn...@gmail.com> wrote:
> > No actually it is the user authentication using Auth from the model.
> > I think I will compare the database before and after, make sure I know
> > exactly what has changed between the two.
>
> > Thanks.
>
> > On Feb 16, 7:21 pm, Richard Vézina <ml.richard.vez...@gmail.com>
> > wrote:
> > > The problem is it only when you try to access the appadmin on prod
> > server?
>
> > > If so, it could come from parameters_443.py file in the web2py folder. It
> > > contain the hash of you admin password.
>
> > > Richard
>
> > > On Wed, Feb 16, 2011 at 2:15 PM, Matt <mattsn...@gmail.com> wrote:
> > > > I have recently moved my web2py installation to a new server. The
> > > > database (postgresql) was copied using an sql dump. After this the
> > > > user passwords appear to have stopped working. If I do a password
> > > > reset, and use the same password it works again. The hash of the
> > > > password is the same before and after the reset. Any ideas what is
> > > > going on?
>
> > > > Thanks
