Re: [web2py] auth_user table password requires=is_not_empty() get overrided

Wed, 22 Feb 2012 10:25:51 -0800 

I see...

Thank you Anthony!

Richard

On Wed, Feb 22, 2012 at 12:32 PM, Anthony <abasta...@gmail.com> wrote:

> By default, CRYPT generates a hashed value even if you submit an empty
> string, so if you put IS_NOT_EMPTY after CRYPT, it will pass validation.
> However, there's no reason to use IS_NOT_EMPTY because CRYPT itself takes a
> min_length argument, which defaults to 0. Note, there is also an Auth
> setting called auth.settings.password_min_length, which defaults to 4. The
> default auth_user table created by Auth sets a CRYPT validator with
> min_length=auth.settings.password_min_length. So, just change your field
> definition to:
>
> Field('password', 'password',
>     requires=CRYPT(min_length=auth.settings.password_min_length), ...)
>
> Anthony
>
>
> On Wednesday, February 22, 2012 11:16:56 AM UTC-5, Richard wrote:
>>
>> Hello,
>>
>> User are allow to enter noting when they change their password in
>> application/user/change_**password form, I can also create user without
>> password in appadmin even if I set requires=is_not_empty() in the
>> model of auth_user table.
>>
>> # Here my model definition :
>> auth_table = db.define_table(
>>     auth.settings.table_user_name,
>>     Field('first_name', length=128, default=None,
>>         required=True,
>>         notnull=True,
>>         requires =
>> IS_NOT_EMPTY(error_message=T(**auth.messages.is_empty)),
>>         ),
>>     Field('last_name', length=128, default=None,
>>         requires =
>> IS_NOT_EMPTY(error_message=T(**auth.messages.is_empty)),
>>         ),
>>     Field('email', length=128, default=None, unique=True,
>> label=T('Email'),
>>         requires =
>> [IS_EMAIL(error_message=T(**auth.messages.invalid_email)),
>>             IS_NOT_IN_DB(db, 'auth_user.email')],
>>         ),
>>     Field('password', 'password', length=256,
>>           readable=False, label=T('Password'),
>>           required=True,
>>           notnull=True,
>>           requires = [CRYPT(),
>> IS_NOT_EMPTY(error_message=T(**auth.messages.is_empty))]
>>           ),
>>     Field('registration_key', length=128, default=None,
>>           writable=False, readable=False),
>>     Field('reset_password_key', length=512,
>>         writable=False, readable=False, default=None
>>         ),
>>     migrate=False,
>>     format='%(first_name)s %(last_name)s (%(id)s)')
>>
>> OK, just find that IS_NOT_EMPTY() not works except if it is before the
>> CRYPT() :
>>
>> requires = [IS_NOT_EMPTY(error_message=T(**auth.messages.is_empty)),
>> CRYPT()]
>>
>> I think this is a bug...
>>
>> I use web2py 1.99.4
>>
>> Richard
>>
>>

Reply via email to