Hey Jon: *Q: * > BTW, are you deliberately *forbidding* upper-case letters?
*A: *. *Yes*, just like Google does, usernames are lowercase, although if your gmail username is *johnsmith* you can log in with *JohnSmith*, or *JOHNSMITH*, or *Johnsmith* etc. but there is ONLY ONE user. At least for my app, Just case lowercase names are best... user's have enough trouble remembering names without burden of case-sensitivity. ------- So, with the of this forum, I think I have nearly completed my Google-like Registration policy in web2py. I'll continue to test. Here is code, entire file (based on simple app, is attached db.py) *Concern:* I *hope* I'm restricting the length of password correctly? I just followed discussion on this forum. Note: Curiously, in version 1.99, the .insert works, where id didn't with username. -- thanks all, ~ Rob ----------------------- db.py.... from gluon.tools import Auth, Crud, Service, PluginManager, prettydate auth = Auth(db, hmac_key=Auth.get_or_create_key()) crud, service, plugins = Crud(db), Service(), PluginManager() ## - START CUSTOMIZATION - - - - - - - - - - - - - - - - - - - - - - ## # | Summary: # | Modify web2py to allow user registrations similar to # | Google registrations. # | i.e. # | - lower case only [a-z] # | - numbers [0-9] and period are OK # | - can't end in a period # | - can't start with a period # | - can't have consecutive periods # | - min 8 letter password # | - username can't be changed once registered # | # | Note: Messages are nearly same as Google displays ## create all tables needed by auth if not custom tables # use usernames rather than email addresses to register auth.define_tables(username=True) # allow username only on registration, but can only # be viewed (readable) in Profile # user can't change username once registered. if auth.is_logged_in(): db.auth_user.username.writable = False db.auth_user.username.readable = True #custom message for password length - like Google # ref: """ https://groups.google.com/forum/?fromgroups#!searchin/web2py/$20default$20length$20for$20password/web2py/k5os3bMz228/vG-UOLbhcBUJ[1-25] """ db.auth_user.password.requires.insert(0,IS_LENGTH(minsize=8)) db.auth_user.password.requires = CRYPT(key=auth.settings.hmac_key,min_length =8) #add a comments to exlain policy db.auth_user.password.comment='minimum 8 letters' db.auth_user.username.comment='min. 6 letters (a-z), you may use numbers, and periods.' # apply nearly identical username policy and message that Google Accounts use. # this OVERWRITES web2py's default username validation # reference and thanks to web2py community for help: # https://groups.google.com/forum/?fromgroups#!starred/web2py/HBODB00HMfU[1-25] auth.settings.table_user.username.requires = [IS_LENGTH(30,6,'Please use between 6 and 30 characters.'), IS_MATCH('^[a-z0-9.]*$', error_message='Please use only letters (a-z) and numbers (0-9), and periods.'), IS_NOT_EMPTY(error_message='You can\'t leave this empty. '), IS_EXPR("value[0]<>'.'", error_message='The FIRST character of your username should be a letter (a-z) or number.'), IS_EXPR("value[-1]<>'.'", error_message='The LAST character of your username should be a letter (a-z) or number.'), IS_EXPR("str(value).find('..')==-1",error_message='A fan of punctuation! Alas, usernames can\'t have consecutive periods.'), IS_NOT_IN_DB(db, auth.settings.table_user.username, 'Someone already has that username. ') ] ## - END CUSTOMIZATION - - - - - - - - - - - - - - - - - - - - - - ## --
# -*- coding: utf-8 -*- ######################################################################### ## This scaffolding model makes your app work on Google App Engine too ## File is released under public domain and you can use without limitations ######################################################################### ## if SSL/HTTPS is properly configured and you want all HTTP requests to ## be redirected to HTTPS, uncomment the line below: # request.requires_https() if not request.env.web2py_runtime_gae: ## if NOT running on Google App Engine use SQLite or other DB db = DAL('sqlite://storage.sqlite') else: ## connect to Google BigTable (optional 'google:datastore://namespace') db = DAL('google:datastore') ## store sessions and tickets there session.connect(request, response, db = db) ## or store session in Memcache, Redis, etc. ## from gluon.contrib.memdb import MEMDB ## from google.appengine.api.memcache import Client ## session.connect(request, response, db = MEMDB(Client())) ## by default give a view/generic.extension to all actions from localhost ## none otherwise. a pattern can be 'controller/function.extension' response.generic_patterns = ['*'] if request.is_local else [] ## (optional) optimize handling of static files # response.optimize_css = 'concat,minify,inline' # response.optimize_js = 'concat,minify,inline' ######################################################################### ## Here is sample code if you need for ## - email capabilities ## - authentication (registration, login, logout, ... ) ## - authorization (role based authorization) ## - services (xml, csv, json, xmlrpc, jsonrpc, amf, rss) ## - old style crud actions ## (more options discussed in gluon/tools.py) ######################################################################### from gluon.tools import Auth, Crud, Service, PluginManager, prettydate auth = Auth(db, hmac_key=Auth.get_or_create_key()) crud, service, plugins = Crud(db), Service(), PluginManager() ## - START CUSTOMIZATION - - - - - - - - - - - - - - - - - - - - - - ## # | Summary: # | Modify web2py to allow user registrations similar to # | Google registrations. # | i.e. # | - lower case only [a-z] # | - numbers [0-9] and period are OK # | - can't end in a period # | - can't start with a period # | - can't have consecutive periods # | - min 8 letter password # | - username can't be changed once registered # | # | Note: Messages are nearly same as Google displays ## create all tables needed by auth if not custom tables # use usernames rather than email addresses to register auth.define_tables(username=True) # allow username only on registration, but can only # be viewed (readable) in Profile # user can't change username once registered. if auth.is_logged_in(): db.auth_user.username.writable = False db.auth_user.username.readable = True #custom message for password length - like Google # ref: """ https://groups.google.com/forum/?fromgroups#!searchin/web2py/$20default$20length$20for$20password/web2py/k5os3bMz228/vG-UOLbhcBUJ[1-25] """ db.auth_user.password.requires.insert(0,IS_LENGTH(minsize=8)) db.auth_user.password.requires = CRYPT(key=auth.settings.hmac_key, min_length=8) #add a comments to exlain policy db.auth_user.password.comment='minimum 8 letters' db.auth_user.username.comment='min. 6 letters (a-z), you may use numbers, and periods.' # apply nearly identical username policy and message that Google Accounts use. # this OVERWRITES web2py's default username validation # reference and thanks to web2py community for help: # https://groups.google.com/forum/?fromgroups#!starred/web2py/HBODB00HMfU[1-25] auth.settings.table_user.username.requires = [IS_LENGTH(30,6,'Please use between 6 and 30 characters.'), IS_MATCH('^[a-z0-9.]*$', error_message='Please use only letters (a-z) and numbers (0-9), and periods.'), IS_NOT_EMPTY(error_message='You can\'t leave this empty. '), IS_EXPR("value[0]<>'.'", error_message='The FIRST character of your username should be a letter (a-z) or number.'), IS_EXPR("value[-1]<>'.'", error_message='The LAST character of your username should be a letter (a-z) or number.'), IS_EXPR("str(value).find('..')==-1",error_message='A fan of punctuation! Alas, usernames can\'t have consecutive periods.'), IS_NOT_IN_DB(db, auth.settings.table_user.username, 'Someone already has that username. ') ] ## - END CUSTOMIZATION - - - - - - - - - - - - - - - - - - - - - - ## ## configure email mail=auth.settings.mailer mail.settings.server = 'logging' or 'smtp.gmail.com:587' mail.settings.sender = 'y...@gmail.com' mail.settings.login = 'username:password' ## configure auth policy auth.settings.registration_requires_verification = False auth.settings.registration_requires_approval = False auth.settings.reset_password_requires_verification = True ## if you need to use OpenID, Facebook, MySpace, Twitter, Linkedin, etc. ## register with janrain.com, write your domain:api_key in private/janrain.key from gluon.contrib.login_methods.rpx_account import use_janrain use_janrain(auth,filename='private/janrain.key') ######################################################################### ## Define your tables below (or better in another model file) for example ## ## >>> db.define_table('mytable',Field('myfield','string')) ## ## Fields can be 'string','text','password','integer','double','boolean' ## 'date','time','datetime','blob','upload', 'reference TABLENAME' ## There is an implicit 'id integer autoincrement' field ## Consult manual for more options, validators, etc. ## ## More API examples for controllers: ## ## >>> db.mytable.insert(myfield='value') ## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL) ## >>> for row in rows: print row.id, row.myfield #########################################################################