Hello.

During work on implementing SSHA256 password encoding for Moin 2.0 I
found a small bug in the user creation code.

The file user.py contains the create_user function:

user.py:69
http://bpaste.net/show/12713/

This code encodes the received password before creating a new user. It
seems OK, but this function is used only from

apps/frontend/views.py:589
http://bpaste.net/show/12714/

This function gets all its arguments from an HTML form filled in by the
user. But the user never fills in an encoded password in the browser.

If a user creates a new account with the password '{SHA}{SHA}', all goes
OK. But the user can't authenticate with this password and gets the error:

KeyError: 'enc_password'

It seems like the condition 'not password.startswith('{SHA}')' in the
create_user function is not needed.

-- 
Pavel Vinogradov

_______________________________________________
Moin-user mailing list
Moin-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/moin-user
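
The bug described in the message above, as an added example that is not part of the original post and is not Moin's code: a simplified model in which a '{SHA}' prefix on form input skips encoding, next to a version that always encodes. The function names, the dict-based user store and the SSHA256 layout (base64 of digest followed by salt) are assumptions; the model shows the failed login, not Moin's exact KeyError.

```python
import base64
import hashlib
import hmac
import os

SCHEME = "{SSHA256}"  # assumed storage prefix for this model

def encode_password(password, salt=None):
    """Salted SHA-256 in the usual SSHA layout: base64(digest + salt)."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.sha256(password.encode("utf-8") + salt).digest()
    return SCHEME + base64.b64encode(digest + salt).decode("ascii")

def check_password(password, enc_password):
    """Return True only if enc_password is a valid hash of password."""
    if not enc_password.startswith(SCHEME):
        return False  # unknown scheme, or raw form input that was never hashed
    try:
        raw = base64.b64decode(enc_password[len(SCHEME):], validate=True)
    except ValueError:
        return False
    digest, salt = raw[:32], raw[32:]
    expected = hashlib.sha256(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, expected)

def create_user_prefix_check(db, name, password):
    """Model of the reported behaviour: a '{SHA}' prefix skips encoding."""
    if not password.startswith("{SHA}"):
        password = encode_password(password)
    db[name] = {"enc_password": password}

def create_user_always_encode(db, name, password):
    """Form input is always plaintext, so it is always encoded."""
    db[name] = {"enc_password": encode_password(password)}

def demo():
    """Create the same account both ways and try to log in with it."""
    results = {}
    for create in (create_user_prefix_check, create_user_always_encode):
        db = {}
        create(db, "alice", "{SHA}{SHA}")  # constructed sample input
        stored = db["alice"]["enc_password"]
        results[create.__name__] = (stored, check_password("{SHA}{SHA}", stored))
    return results

if __name__ == "__main__":
    for name, (stored, ok) in demo().items():
        print(f"{name}: stored={stored!r} login_ok={ok}")
```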