[web2py] Re: Authenticate users on third-party database tables (md5 passwords)

Narūnas Wed, 09 Sep 2015 08:45:29 -0700

For me the following did the trick...

*db.py*


def my_custom_auth(*args, **kwargs):
    from hashlib import md5
    """
    auth2 = Auth(db, controller="auth", function="user", 
hmac_key=Auth.get_or_create_key())
    auth2.settings.create_user_groups = False
    auth2.settings.login_methods = [my_custom_auth()]
    # Optionally
    auth2.settings.actions_disabled = ('register', 'verify_email', 
'retrieve_username', 'retrieve_password',
                                       'reset_password', 
'request_reset_password', 'change_password', 'profile',
                                       'groups', 'impersonate', 
'not_authorized'
                                      )
    """
    def my_custom_auth_aux(username, password):
        usr_query = db.tst.email == username
        pwd_query = db.tst.password == md5(password).hexdigest()
        query = usr_query & pwd_query
        login = db(query).select(db.tst.ALL).as_list()
        if len(login) == 1: return True
        return False
    return my_custom_auth_aux


auth2 = Auth(db, controller="auth", function="user", hmac_key=Auth.
get_or_create_key())
auth2.settings.create_user_groups = False
auth2.settings.login_methods = [my_custom_auth()]


*default.py*

@auth2.requires_login()
def index():
    response.view = "generic.html"
    return dict(usr=auth2.user, logout=A('Logout', _href=URL('auth', 'user', 
args='logout')))


def user():
    response.view = "default/user.html"
    return dict(form=auth2())







2015 m. rugsėjis 8 d., antradienis 10:42:20 UTC+1, Narūnas rašė:
>
> I have an existing database and a table of usernames/passwords. Passwords 
> there are simply encrypted *md5* hashes.
>
> I'm also writing web2py application which must be able to authenticate 
> users based on this third party db. No registration, group membership, 
> password reset, etc, none of this is required. User should simply be able 
> to type in his username (email) and password, password should be converted 
> to *md5* hash and compared against the matching record on the third party 
> database.
>
> I understand I need to override a few methods in the *auth class*? Maybe 
> there is already built in machinery for this?
>
> If someone could point me to the right direction it would be greatly 
> appreciated.
>
> Thanks
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

[web2py] Re: Authenticate users on third-party database tables (md5 passwords)

Reply via email to