Re: [web2py] how to intercept password before encryption, if possible?

Sun, 15 Apr 2012 21:10:18 -0700 

Thanks, Bruce. It's good to know where this is being stored. Actually, I 
like Matt's suggestion for auto-password generation. I'm doing this for a 
client and I assumed they wanted to choose the password, but Matt's 
approach makes more sense to me.

On Monday, April 16, 2012 11:38:09 AM UTC+8, Bruce Wade wrote:
>
> use request.vars.password to get unencrypted and form.vars.password for 
> encrypted if you use requires CRYPT()
>
> On Sun, Apr 15, 2012 at 8:06 PM, weheh <richard_gor...@verizon.net> wrote:
>
>> I'm building an administrative interface where only the admin can 
>> register new users. Upon registering a new user, the system will email 
>> login and initial temporary password to user. I'm using the auth_user table 
>> but with a customized form and create action. Is there a way to capture the 
>> password before it's encrypted?
>>
>> Obviously, I can have the admin enter the password twice, the second time 
>> as a string, but that's a little user hostile. I could make an ajax call 
>> that would copy it behind the scenes, but that's extra work. What's the 
>> easy way?
>>
>> def create():
>>     """adds a new user to the auth_user database"""
>>     response.sub_title = T('Add New User')
>>     form = SQLFORM.factory(
>>             db.auth_user.username,
>>             db.auth_user.password,
>>             db.auth_user.email,
>>             )
>>     # password not available here
>>     if form.process(onvalidation=get_password).accepted:
>>         user_id = db.auth_user.insert(
>>                 username=form.vars.username,
>>                 password=form.vars.password,  # password already 
>> encrypted here
>>                 email=form.vars.email,
>>                 )
>>         send_new_user_mail(form.vars.username, form.vars.email, response.
>> password)
>>         session.flash = T('Added new user')
>>         redirect(URL(c='user', f='manage_users'))
>>     elif form.errors:
>>         response.flash = T('Please correct errors')
>>     return dict(form=form)
>>
>> def get_password(form):
>>     # password already encrypted here
>>     ...
>>
>
>
>
> -- 
> -- 
> Regards,
> Bruce Wade
> http://ca.linkedin.com/in/brucelwade
> http://www.wadecybertech.com
> http://www.fittraineronline.com - Fitness Personal Trainers Online
> http://www.warplydesigned.com
>
>

Reply via email to