How to set Reset password key programmatically?
486 views
Skip to first unread message
wish...@gmail.com
Dec 28, 2014, 1:52:30 PM12/28/14
to web...@googlegroups.com
Hey everybody,
I added a couple of users programmatically as suggested on the mailing list using
my_crypt = CRYPT(key=auth.settings.hmac_key)
crypt_pass = my_crypt(passw)[0]
id_user= db.auth_user.insert(username = username, email = email, password = crypt_pass)
That's perfectly fine, but... the newly created users lack a Reset password key
How would I assign a Reset password key when creating users programmatically, so that users later can retrieve their password?
Anybody could share a code snippet?
Cheers
Toby
I added a couple of users programmatically as suggested on the mailing list using
my_crypt = CRYPT(key=auth.settings.hmac_key)
crypt_pass = my_crypt(passw)[0]
id_user= db.auth_user.insert(username = username, email = email, password = crypt_pass)
That's perfectly fine, but... the newly created users lack a Reset password key
How would I assign a Reset password key when creating users programmatically, so that users later can retrieve their password?
Anybody could share a code snippet?
Cheers
Toby
wish...@gmail.com
Dec 30, 2014, 6:30:48 AM12/30/14
to web...@googlegroups.com
Just for the records (it took me quite some time to understand the password reset mechanism, maybe this helps somebody else):
The reset password key is created dynamically, so there's absolutely no need to populate the reset key field.
Per default the reset password key field is empty. Only when a user request a password reset the key is calculated automatically as
reset_password_key=str(int(time.time()))+'-'+str(uuid.uuid4())
The reset password key is created dynamically, so there's absolutely no need to populate the reset key field.
Per default the reset password key field is empty. Only when a user request a password reset the key is calculated automatically as
reset_password_key=str(int(time.time()))+'-'+str(uuid.uuid4())
Michele Comitini
Dec 30, 2014, 6:59:40 AM12/30/14
to web...@googlegroups.com
A simple trick is to send the user (with user_id) a link (by mail or any other way)
You can do something like this (max_time is when you want the key to expire)
user = db.auth_user(user_id)
reset_password_key = str(int(max_time)) + '-' + web2py_uuid()
user.update_record(reset_password_key=reset_password_key)
link =auth.url(auth.settings.function,
args=('reset_password', reset_password_key),
scheme='https')
You can put this in a file .py and call it from web2py.py using the -R option on commandline.You can do something like this (max_time is when you want the key to expire)
user = db.auth_user(user_id)
reset_password_key = str(int(max_time)) + '-' + web2py_uuid()
user.update_record(reset_password_key=reset_password_key)
link =auth.url(auth.settings.function,
args=('reset_password', reset_password_key),
scheme='https')
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to web2py+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
wish...@gmail.com
Dec 30, 2014, 12:21:22 PM12/30/14
to web...@googlegroups.com
Thanks Michele! In fact I misunderstood the basic concept (see my other mail which is still stuck in moderation)
I thought reset_password_key is mandatory in all cases, in fact it's only needed upon password reset request as you suggested..
Cheers
Toby
I thought reset_password_key is mandatory in all cases, in fact it's only needed upon password reset request as you suggested..
Cheers
Toby
lucas
Apr 19, 2017, 8:04:19 AM4/19/17
to web2py-users
what is "web2py_uuid()" in the above best answer?
also maxtime, is that a date time stamp for sometime in the future of when you want the key to expire?
thank you.
Reply all
Reply to author
Forward
0 new messages