I've got this (where the key is a text string):
from gluon.tools import *
auth=Auth(globals(),db) # authentication/authorization
auth.settings.hmac_key = vpepm_hmac_key
auth.define_tables() # creates all needed tables
# invoke IS_STRONG only for password creation, not password checking
if "login" not in request.args:
auth.settings.table_user.password.requires += [IS_STRONG(min=8, max=0,
upper=1, lower=1, number=1, special=1)]
All my logins are failing with a bad password. I've got a sha512 hash in my
user database (manually initialized), but the login form is returning an md5
hash, presumably because digest_alg is set to md5. The manual says, "If a key
is specified it uses the HMAC+SHA512 with the provided key," but I don't see
where digest_alg is ever set to sha512.
Is there a bug, or am I doing something wrong?
--
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en.
