2009/5/12 Paul Johnston <p...@pajhome.org.uk>:
> I am going to have a go at adding a new authentication method to
> repoze.who. It's like the standard forms authentication, but uses
> JavaScript hashing to protect the password as it is transmitted.

Excellent; there's been talking on this list previously about such a mechanism.

> I know many people are using my scripts, so I think this would be a
> good feature for repoze.who. I've not used repoze.who so far, so lets
> see how I get on. If anyone would like to lend a hand, just let me
> know.

Is it correct to assume that if both the form where users originally
provide their desired password and the login form both use your
script, then nothing needs to be done on the server-side?

Repoze-dev mailing list

Reply via email to