On Wed, Feb 18, 2009 at 7:26 AM, [email protected] <[email protected]> wrote: > > Hello. > > Can you help me to provide Advanced Homegrown Auth with mysql md5 > support (passwords in users.password table). Probably sources or > etc... i'm beginner in pylons and can't understand way to build using > this article > http://wiki.pylonshq.com/display/pylonscookbook/Advanced+Homegrown+Auth
MySQL has encryption functions http://dev.mysql.com/doc/refman/5.1/en/encryption-functions.html but I'm not sure if SQLAlchemy allows you to use them in an insertion dict or ORM attribute. If it did, the syntax would be: sqlalchemy.func.md5("password") and sqlalchemy.func.md5(mytable.c.mycolumn) But I'm not sure if those can be used anywhere except in the first argument to sqlalchemy.select(). The other approach would be to use Python's md5 module instead. http://docs.python.org/library/md5.html So when adding a user, you'd encrypt the password before inserting it into the databse. When verifying a user, you would encrypt the entered password, pull the user's record from the database, and see if the two passwords are equal. Note that Python's md5 module has two formats: binary and hex. The hex format is more convenient but it doubles the length. The important thing is not to mix the formats otherwise they won't match. -- Mike Orr <[email protected]> --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
