No, I don't have custom auth_user table, However I extend the existing with
the followings:
auth.settings.extra_fields['auth_user']= [
Field('address',label=T("address")),
Field('city',label=T("City")),
Field('zip',label=T("ZIP")),
Field('country','reference country',label=T("country")),
Field('phone',label=T("phone")),
]
And it works perfectly fine on Windows. I restarted the application (on
Windows) several times with empty database and it regenerated all tables
without any problem.
Even more strange, if I click on forgot password button, enter my mail
address, I get a link to the new password. Clicking on the link gets me to
the new password form and the new password shows hashed in the db as
expected and I can logon. So Only the registration form stores clear text
in the database.
On Thursday, August 18, 2016 at 9:45:12 PM UTC+2, Massimo Di Pierro wrote:
>
> Do you have a custom auth_user table without the password CRYPT validator?
>
> On Thursday, 18 August 2016 10:38:25 UTC-5, icodk wrote:
>>
>> I develop a web2py application on Windows. I deployed it on an Ubuntu
>> machine but now user passwords spears in the auth_user in clear text and
>> nobody can login,probably because the login controller try to compare the
>> hash with the clear text in the db.
>> What is happening ?
>> Of course I would like everything to be hashed
>>
>> Thanks
>>
>> web2py: Version 2.14.6-stable+timestamp.2016.05.09.19.18.48
>> Linux 3.16.0-41-generic #57-Ubuntu SMP Thu Jun 18 08:51:07 UTC 2015 i686
>> i686 i686 GNU/Linux
>>
>>
>>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
