Glauco ha scritto:
> Hi all, we have passed from 1.0.1 to new TurboGears 1.0.3.2, over SA,
> using a preexistant Postgres DB.
>
> - in our old version we have done a lot of path for a custom encryption
> password function. Probably we have done this patch wrongly, in any way
> i'm now started from a new tg version.
>
> as documentation sy, i've done my encrypt function and in app.cfg i've
> put this:
>
> identity.saprovider.encryption_algorithm="custom"
> identity.custom_encryption = 'foobar.lib.encryption_module.encrypt_pw'
>
> now,
>
> this function is never called, neither the _encrypt_password or
> encrypt_password from turbogears/identity/__init__.py
>
> i don't have changed default identity provider, (setted to sqlalchemy)
> no wrapper or nothing else can change default workflow of identity.
>
>
>
> any ideas for finding this bug?
>
>
>
>
> Glauco
>
>
>
Eureka.. i found it !
The problem is in visitor.py...
in TG for authentication are used sometimes these values from app.cfg
identity.form.user_name="logname"
identity.form.password="operatore_password"
identity.form.submit="login"
other times are hard-coded User.user_name and User.user_id,
andUser.password
this implies that i my mapper i must have something like this:
properties = .......
'logname' : tbl['operatore'].c.logname, #For Tg identity
'password' : tbl['operatore'].c.password,
'id' : tbl['operatore'].c.id,
'user_id' : synonym('id', proxy=True),
'operatore_id': synonym('id', proxy=True),
'user_name' : synonym('logname', proxy=True),
.........
i use always the column_prefix option so anyway i must wrap the fields name
in visitor.py this code don't let the developer to know where is the error.
try:
# form data contains login credentials
user_name = params.pop(self.user_name_field)
pw = params.pop(self.password_field)
# just lose the submit button to prevent passing to
final controller
submit= params.pop(self.submit_button_name, None)
submit_x = params.pop("%s.x" % self.submit_button_name,
None)
submit_y = params.pop("%s.y" % self.submit_button_name,
None)
set_login_attempted(True)
identity = self.provider.validate_identity(user_name,
pw, visit_key)
log.info("Identitiy = %s"% identity)
if identity is None:
log.warning("The credentials specified weren't valid")
return None
return identity
except KeyError:
return None
all KeyError are masked but i think that a simple code like this before
the try......
for x in (self.user_name_field, self.password_field,
self.submit_button_name):
if not params.has_key( x ):
log.error ("Check for presence of %s field in your form fields" % x)
Thank you and sorry for my poor english
Glauco
--
+------------------------------------------------------------+
Glauco Uri - Programmatore
glauco(at)allevatori.com
Sfera Carta Software® [EMAIL PROTECTED]
Via Bazzanese,69 Casalecchio di Reno(BO) - Tel. 051591054
+------------------------------------------------------------+
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en
-~----------~----~----~----~------~----~------~--~---
