After upgrading to 2.3.2, my custom user registration breaks. I have
auth_user password encoded as follows in my user's model:
...
Field('password', 'password',
readable=False,
label=T('Password'),
requires=[CRYPT(), IS_LENGTH(512, 6)],
),
...
During registration, I create the register_form like so in my controller:
register_form = SQLFORM.factory(
...
db.auth_user.password,
Field('password2', 'password',
label=T(Verify password'),
requires=db.auth_user.password.requires,
),
...
)
During form acceptance, the form is validated by this:
def validate_registration(form):
...
if form.vars.password != form.vars.password2:
form.errors.password = form.errors.password2 = T(
'Passwords do not match')
...
return form
The problem is the passwords aren't the same. I'm assuming the problem is
the requires=CRYPT(), which actually encrypts the password twice, producing
two different results for password and password2. How would I get CRYPT()
to product the same result for both passwords? Do I need to pass in the
hmac_key or salt? Or not run CRYPT() at all?
--
