I'm building an administrative interface where only the admin can register
new users. Upon registering a new user, the system will email login and
initial temporary password to user. I'm using the auth_user table but with
a customized form and create action. Is there a way to capture the password
before it's encrypted?
Obviously, I can have the admin enter the password twice, the second time
as a string, but that's a little user hostile. I could make an ajax call
that would copy it behind the scenes, but that's extra work. What's the
easy way?
def create():
"""adds a new user to the auth_user database"""
response.sub_title = T('Add New User')
form = SQLFORM.factory(
db.auth_user.username,
db.auth_user.password,
db.auth_user.email,
)
# password not available here
if form.process(onvalidation=get_password).accepted:
user_id = db.auth_user.insert(
username=form.vars.username,
password=form.vars.password, # password already encrypted
here
email=form.vars.email,
)
send_new_user_mail(form.vars.username, form.vars.email, response.
password)
session.flash = T('Added new user')
redirect(URL(c='user', f='manage_users'))
elif form.errors:
response.flash = T('Please correct errors')
return dict(form=form)
def get_password(form):
# password already encrypted here
...
