correct on both accounts. I will get this fixed in the code and the manual. Thanks.
Massimo On Jul 12, 11:44 am, Jonathan Lundell <[email protected]> wrote: > In Auth.define_tables we define the user table thus: > > if not self.settings.table_user: > passfield = self.settings.password_field > self.settings.table_user = db.define_table( > self.settings.table_user_name, > db.Field('first_name', length=128, default=''), > db.Field('last_name', length=128, default=''), > # db.Field('username', length=128, default=''), > db.Field('email', length=128, default=''), > db.Field(passfield, 'password', readable=False, > label='Password'), > db.Field('registration_key', length=128, > writable=False, readable=False, default=''), > > migrate=self.__get_migrate(self.settings.table_user_name, migrate)) > table = self.settings.table_user > table.first_name.requires = > IS_NOT_EMPTY(error_message=self.messages.is_empty) > table.last_name.requires = > IS_NOT_EMPTY(error_message=self.messages.is_empty) > table[passfield].requires = [CRYPT()] > table.email.requires = > [IS_EMAIL(error_message=self.messages.invalid_email), > IS_NOT_IN_DB(db, '%s.email' > % > self.settings.table_user._tablename)] > table.registration_key.default = '' > > In Auth.register, we have the following auto-login sequence; there's > similar logic in Auth.login, but it's clearer here: > > else: > user[form.vars.id] = dict(registration_key='') > session.flash = self.messages.registration_successful > table_user = self.settings.table_user > if 'username' in table_user.fields: > username = 'username' > else: > username = 'email' > users = self.db(table_user[username] == > form.vars[username])\ > .select() > user = users[0] > user = Storage(table_user._filter_fields(user, > id=True)) > session.auth = Storage(user=user, > last_visit=request.now, > expiration=self.settings.expiration) > self.user = user > session.flash = self.messages.logged_in > > Finally, the manual "Customizing auth_user" says, 'If you add a field > called "username", it will be used in place of the "email" for login.' > We see the username/email logic in Auth.register. > > The problem is that the username field needs (like email) to be > IS_NOT_EMPTY and IS_NOT_IN_DB, or the obvious bad thing can happen. > > Is it enough to mention the need for the validations (maybe a complete > sample line) in the manual? > > Finally, shouldn't both email and username require unique=True? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
