Requirements for password field in db.py file are as follows:
db.auth_user.password.requires =
[IS_STRONG(min=8,max=None,upper=None,lower=None,special=None,number=None,error_message='Too
short'),
CRYPT(auth.settings.hmac_key)]
there are aslo defined these parameters:
auth.settings.controller = 'default'
auth.settings.hmac_key='sha512:phraseforthepass'
I was not sure if I import enough modules so beside the obvious:
from gluon.tools import *
I aslo imported these two:
from gluon.utils import *
from gluon.validators import *
Massimo, after I added the part of code you suggested in my
registration page (register.html):
{{=CRYPT(auth.settings.hmac_key)('hello world')}}
I got this on the page in web browser:
('ae0bd13943b9f20d94ee01dd121d26bbee315f269d309de6aacbfeeeefe6e1c9d75c3d1549dbf9cf2db8c0ecf9094c72cca33baac3944256815e6969fbc97830',
None)
On 14 Sie, 00:16, mdipierro <[email protected]> wrote:
> can you try
>
> print CRYPT(auth.settings.hmac_key)('hello world')
>
> what do you get? Did you set
>
> auth.settings.hmac_key='sha512:somerandompasphrase'
>
> On Aug 13, 12:39 pm, elfuego1 <[email protected]> wrote:
>
> > I did as mr.freeze suggested and I added values for all parameters:
>
> > db.auth_user.password.requires =
> > [IS_STRONG(min=8,max=None,upper=None,lower=None,special=None,number=None,error_message='Too
> > short'),
> > CRYPT(auth.settings.hmac_key)]
>
> > It helped with my first problem. I don't get error_message any more.
> > Form is processed smoothly now.
>
> > BUT the password still isn't hashed...
>
> > I had found information about additonal parameter
> > auth.settings.controller = 'default'
>
> > and had added it in my db.py file. To no avail though :-(
>
> > On 13 Sie, 11:19, mdipierro <[email protected]> wrote:
>
> > > @elfuogo1, let us know if the problems are solved.
>
> > > On Aug 12, 10:36 pm, "mr.freeze" <[email protected]> wrote:
>
> > > > IS_STRONG is failing for a different reason but displaying your error
> > > > message. The defaults are:
> > > > min=8, max=20, upper=1, lower=1, number=1, special=1
>
> > > > If you remove your error message, you will get a descriptive message
> > > > for each failure. You can set each parameter to 0 to disallow and to
> > > > None to not check.
> > > > db.auth_user.password.requires = [IS_STRONG(min=8,max=None,upper=None,
>
> > > > lower=None,special=None,number=None,error_message='Too short'),
> > > > CRYPT(auth.settings.hmac_key)]
>
> > > > Perhaps the defaults should be less aggressive. Not sure on the
> > > > CRYPT, it hashes the password for me.
>
> > > > On Aug 12, 9:53 pm, elfuego1 <[email protected]> wrote:
>
> > > > > Hi,
>
> > > > > I have a problem with two things in registration form.
>
> > > > > 1. Definition for password field in database looks as follows:
>
> > > > > db.auth_user.password.requires = [IS_STRONG(min=8 ,error_message='Your
> > > > > password is too short!'), CRYPT(auth.settings.hmac_key)]
>
> > > > > But the form is not accepting passwords. Each time I want to send a
> > > > > form it shows me error message: 'Your password is too short', even if
> > > > > the password is much longer than required 8 signs.
> > > > > After removing 'min=8' parameter I'm able to save my form in database.
>
> > > > > 2. Although I have provided an encryption setting:
>
> > > > > auth.settings.hmac_key='sha512:something
>
> > > > > password is not encrypted in the database.
>
> > > > > Can you help me and tell me what I'm doing wrong? Am I missing some
> > > > > parameters?
