Hey Jon:
*Q:
* > BTW, are you deliberately *forbidding* upper-case letters?
*A:
*. *Yes*, just like Google does, usernames are lowercase,
although if your gmail username is
*johnsmith*
you can log in with
*JohnSmith*, or
*JOHNSMITH*, or
*Johnsmith*
etc. but there is ONLY ONE user.
At least for my app, Just case lowercase names are best...
user's have enough trouble remembering names without burden of
case-sensitivity.
-------
So, with the of this forum, I think I have nearly completed
my Google-like Registration policy in web2py. I'll continue to test.
Here is code, entire file (based on simple app, is attached db.py)
*Concern:*
I *hope* I'm restricting the length of password correctly?
I just followed discussion on this forum.
Note:
Curiously, in version 1.99, the .insert works,
where id didn't with username.
--
thanks all,
~ Rob
-----------------------
db.py....
from gluon.tools import Auth, Crud, Service, PluginManager, prettydate
auth = Auth(db, hmac_key=Auth.get_or_create_key())
crud, service, plugins = Crud(db), Service(), PluginManager()
## - START CUSTOMIZATION - - - - - - - - - - - - - - - - - - - - - - ##
# | Summary:
# | Modify web2py to allow user registrations similar to
# | Google registrations.
# | i.e.
# | - lower case only [a-z]
# | - numbers [0-9] and period are OK
# | - can't end in a period
# | - can't start with a period
# | - can't have consecutive periods
# | - min 8 letter password
# | - username can't be changed once registered
# |
# | Note: Messages are nearly same as Google displays
## create all tables needed by auth if not custom tables
# use usernames rather than email addresses to register
auth.define_tables(username=True)
# allow username only on registration, but can only
# be viewed (readable) in Profile
# user can't change username once registered.
if auth.is_logged_in():
db.auth_user.username.writable = False
db.auth_user.username.readable = True
#custom message for password length - like Google
# ref:
"""
https://groups.google.com/forum/?fromgroups#!searchin/web2py/$20default$20length$20for$20password/web2py/k5os3bMz228/vG-UOLbhcBUJ[1-25]
"""
db.auth_user.password.requires.insert(0,IS_LENGTH(minsize=8))
db.auth_user.password.requires = CRYPT(key=auth.settings.hmac_key,min_length
=8)
#add a comments to exlain policy
db.auth_user.password.comment='minimum 8 letters'
db.auth_user.username.comment='min. 6 letters (a-z), you may use numbers,
and periods.'
# apply nearly identical username policy and message that Google Accounts
use.
# this OVERWRITES web2py's default username validation
# reference and thanks to web2py community for help:
#
https://groups.google.com/forum/?fromgroups#!starred/web2py/HBODB00HMfU[1-25]
auth.settings.table_user.username.requires = [IS_LENGTH(30,6,'Please use
between 6 and 30 characters.'),
IS_MATCH('^[a-z0-9.]*$', error_message='Please use only letters (a-z)
and numbers (0-9), and periods.'),
IS_NOT_EMPTY(error_message='You can\'t leave this empty. '),
IS_EXPR("value[0]<>'.'", error_message='The FIRST character of your
username should be a letter (a-z) or number.'),
IS_EXPR("value[-1]<>'.'", error_message='The LAST character of your
username should be a letter (a-z) or number.'),
IS_EXPR("str(value).find('..')==-1",error_message='A fan of
punctuation! Alas, usernames can\'t have consecutive periods.'),
IS_NOT_IN_DB(db, auth.settings.table_user.username, 'Someone already
has that username. ')
]
## - END CUSTOMIZATION - - - - - - - - - - - - - - - - - - - - - - ##
--
# -*- coding: utf-8 -*-
#########################################################################
## This scaffolding model makes your app work on Google App Engine too
## File is released under public domain and you can use without limitations
#########################################################################
## if SSL/HTTPS is properly configured and you want all HTTP requests to
## be redirected to HTTPS, uncomment the line below:
# request.requires_https()
if not request.env.web2py_runtime_gae:
## if NOT running on Google App Engine use SQLite or other DB
db = DAL('sqlite://storage.sqlite')
else:
## connect to Google BigTable (optional 'google:datastore://namespace')
db = DAL('google:datastore')
## store sessions and tickets there
session.connect(request, response, db = db)
## or store session in Memcache, Redis, etc.
## from gluon.contrib.memdb import MEMDB
## from google.appengine.api.memcache import Client
## session.connect(request, response, db = MEMDB(Client()))
## by default give a view/generic.extension to all actions from localhost
## none otherwise. a pattern can be 'controller/function.extension'
response.generic_patterns = ['*'] if request.is_local else []
## (optional) optimize handling of static files
# response.optimize_css = 'concat,minify,inline'
# response.optimize_js = 'concat,minify,inline'
#########################################################################
## Here is sample code if you need for
## - email capabilities
## - authentication (registration, login, logout, ... )
## - authorization (role based authorization)
## - services (xml, csv, json, xmlrpc, jsonrpc, amf, rss)
## - old style crud actions
## (more options discussed in gluon/tools.py)
#########################################################################
from gluon.tools import Auth, Crud, Service, PluginManager, prettydate
auth = Auth(db, hmac_key=Auth.get_or_create_key())
crud, service, plugins = Crud(db), Service(), PluginManager()
## - START CUSTOMIZATION - - - - - - - - - - - - - - - - - - - - - - ##
# | Summary:
# | Modify web2py to allow user registrations similar to
# | Google registrations.
# | i.e.
# | - lower case only [a-z]
# | - numbers [0-9] and period are OK
# | - can't end in a period
# | - can't start with a period
# | - can't have consecutive periods
# | - min 8 letter password
# | - username can't be changed once registered
# |
# | Note: Messages are nearly same as Google displays
## create all tables needed by auth if not custom tables
# use usernames rather than email addresses to register
auth.define_tables(username=True)
# allow username only on registration, but can only
# be viewed (readable) in Profile
# user can't change username once registered.
if auth.is_logged_in():
db.auth_user.username.writable = False
db.auth_user.username.readable = True
#custom message for password length - like Google
# ref:
"""
https://groups.google.com/forum/?fromgroups#!searchin/web2py/$20default$20length$20for$20password/web2py/k5os3bMz228/vG-UOLbhcBUJ[1-25]
"""
db.auth_user.password.requires.insert(0,IS_LENGTH(minsize=8))
db.auth_user.password.requires = CRYPT(key=auth.settings.hmac_key, min_length=8)
#add a comments to exlain policy
db.auth_user.password.comment='minimum 8 letters'
db.auth_user.username.comment='min. 6 letters (a-z), you may use numbers, and periods.'
# apply nearly identical username policy and message that Google Accounts use.
# this OVERWRITES web2py's default username validation
# reference and thanks to web2py community for help:
# https://groups.google.com/forum/?fromgroups#!starred/web2py/HBODB00HMfU[1-25]
auth.settings.table_user.username.requires = [IS_LENGTH(30,6,'Please use between 6 and 30 characters.'),
IS_MATCH('^[a-z0-9.]*$', error_message='Please use only letters (a-z) and numbers (0-9), and periods.'),
IS_NOT_EMPTY(error_message='You can\'t leave this empty. '),
IS_EXPR("value[0]<>'.'", error_message='The FIRST character of your username should be a letter (a-z) or number.'),
IS_EXPR("value[-1]<>'.'", error_message='The LAST character of your username should be a letter (a-z) or number.'),
IS_EXPR("str(value).find('..')==-1",error_message='A fan of punctuation! Alas, usernames can\'t have consecutive periods.'),
IS_NOT_IN_DB(db, auth.settings.table_user.username, 'Someone already has that username. ')
]
## - END CUSTOMIZATION - - - - - - - - - - - - - - - - - - - - - - ##
## configure email
mail=auth.settings.mailer
mail.settings.server = 'logging' or 'smtp.gmail.com:587'
mail.settings.sender = '[email protected]'
mail.settings.login = 'username:password'
## configure auth policy
auth.settings.registration_requires_verification = False
auth.settings.registration_requires_approval = False
auth.settings.reset_password_requires_verification = True
## if you need to use OpenID, Facebook, MySpace, Twitter, Linkedin, etc.
## register with janrain.com, write your domain:api_key in private/janrain.key
from gluon.contrib.login_methods.rpx_account import use_janrain
use_janrain(auth,filename='private/janrain.key')
#########################################################################
## Define your tables below (or better in another model file) for example
##
## >>> db.define_table('mytable',Field('myfield','string'))
##
## Fields can be 'string','text','password','integer','double','boolean'
## 'date','time','datetime','blob','upload', 'reference TABLENAME'
## There is an implicit 'id integer autoincrement' field
## Consult manual for more options, validators, etc.
##
## More API examples for controllers:
##
## >>> db.mytable.insert(myfield='value')
## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL)
## >>> for row in rows: print row.id, row.myfield
#########################################################################
