[web2py] Auto Creating Users/Groups/Roles
304 views
Skip to first unread message
Patrick
Apr 21, 2010, 5:32:04 PM4/21/10
to web2py-users
I have been learning web2py and decided to create a simple ticket
system. Thus far I've been able to read the book/documentation or look
at others code and been able to hack my way through most issues.
However in my situation I need to have a default user created for
default administrative purposes, such as adding other admin users (I
know this isn't the best way to accomplish this but I'm learning...
advice, suggestions always welcome).
I've tried something similar to this post "http://groups.google.com/
group/web2py/browse_thread/thread/39f2d63f7024bbfb/2da45ae0132fe8fc?
lnk=gst&q=auto+users#2da45ae0132fe8fc", but I can't login as the user
because it says invalid login.
I believe this is due to when I set the default password. If I login
appadmin and change the password and then try to login it works. So
I'm messing up on the password creation part. Here is the code for my
z_defuser.py:
fname='ticket'
lname='master'
maile='tma...@example.com'
passwd='tmaster09!'
# Check to see if the user exists first.
# If the user does do nothing, else create the new user.
rows = db(db.auth_user.email == maile).select()
if rows:
pass
else:
ticket_master = db.auth_user.insert(first_name=fname,
last_name=lname,
email=maile,
password=passwd)
P.S.
Any suggestions/advice are welcome. Thank you.
system. Thus far I've been able to read the book/documentation or look
at others code and been able to hack my way through most issues.
However in my situation I need to have a default user created for
default administrative purposes, such as adding other admin users (I
know this isn't the best way to accomplish this but I'm learning...
advice, suggestions always welcome).
I've tried something similar to this post "http://groups.google.com/
group/web2py/browse_thread/thread/39f2d63f7024bbfb/2da45ae0132fe8fc?
lnk=gst&q=auto+users#2da45ae0132fe8fc", but I can't login as the user
because it says invalid login.
I believe this is due to when I set the default password. If I login
appadmin and change the password and then try to login it works. So
I'm messing up on the password creation part. Here is the code for my
z_defuser.py:
fname='ticket'
lname='master'
maile='tma...@example.com'
passwd='tmaster09!'
# Check to see if the user exists first.
# If the user does do nothing, else create the new user.
rows = db(db.auth_user.email == maile).select()
if rows:
pass
else:
ticket_master = db.auth_user.insert(first_name=fname,
last_name=lname,
email=maile,
password=passwd)
P.S.
Any suggestions/advice are welcome. Thank you.
mdipierro
Apr 21, 2010, 7:54:08 PM4/21/10
to web2py-users
ticket_master = db.auth_user.insert(first_name=fname,
last_name=lname,
email=maile,
password=passwd)
should be
last_name=lname,
email=maile,
password=passwd)
ticket_master = db.auth_user.insert(first_name=fname,
last_name=lname,
email=maile,
On Apr 21, 4:32 pm, Patrick <arcaneli...@gmail.com> wrote:
> I have been learning web2py and decided to create a simple ticket
> system. Thus far I've been able to read the book/documentation or look
> at others code and been able to hack my way through most issues.
> However in my situation I need to have a default user created for
> default administrative purposes, such as adding other admin users (I
> know this isn't the best way to accomplish this but I'm learning...
> advice, suggestions always welcome).
>
> I've tried something similar to this post "http://groups.google.com/
> group/web2py/browse_thread/thread/39f2d63f7024bbfb/2da45ae0132fe8fc?
> lnk=gst&q=auto+users#2da45ae0132fe8fc", but I can't login as the user
> because it says invalid login.
>
> I believe this is due to when I set the default password. If I login
> appadmin and change the password and then try to login it works. So
> I'm messing up on the password creation part. Here is the code for my
> z_defuser.py:
>
> fname='ticket'
> lname='master'
Thadeus Burgess
Apr 21, 2010, 9:39:54 PM4/21/10
to web...@googlegroups.com
How about
password = CRYPT()(passwd)[0]
--
Thadeus
password = CRYPT()(passwd)[0]
--
Thadeus
rohfle
Apr 21, 2010, 8:05:05 PM4/21/10
to web2py-users
You probably need to 'crypt' the password before inserting it into the
database.
This can be done using something like:
pw_hasher = IS_CRYPT()
The form based user registration does this automatically as part of
validation, but since you are inserting a record manually, these
validation steps are not executed to the best of my knowledge.
Regards,
R
On Apr 22, 9:32 am, Patrick <arcaneli...@gmail.com> wrote:
> I have been learning web2py and decided to create a simple ticket
> system. Thus far I've been able to read the book/documentation or look
> at others code and been able to hack my way through most issues.
> However in my situation I need to have a default user created for
> default administrative purposes, such as adding other admin users (I
> know this isn't the best way to accomplish this but I'm learning...
> advice, suggestions always welcome).
>
> I've tried something similar to this post "http://groups.google.com/
> group/web2py/browse_thread/thread/39f2d63f7024bbfb/2da45ae0132fe8fc?
> lnk=gst&q=auto+users#2da45ae0132fe8fc", but I can't login as the user
> because it says invalid login.
>
> I believe this is due to when I set the default password. If I login
> appadmin and change the password and then try to login it works. So
> I'm messing up on the password creation part. Here is the code for my
> z_defuser.py:
>
> fname='ticket'
> lname='master'
> maile='tmas...@example.com'
database.
This can be done using something like:
pw_hasher = IS_CRYPT()
ticket_master = db.auth_user.insert(first_name=fname,
last_name=lname,
email=maile,
password=pw_hasher(passwd))
last_name=lname,
email=maile,
The form based user registration does this automatically as part of
validation, but since you are inserting a record manually, these
validation steps are not executed to the best of my knowledge.
Regards,
R
On Apr 22, 9:32 am, Patrick <arcaneli...@gmail.com> wrote:
> I have been learning web2py and decided to create a simple ticket
> system. Thus far I've been able to read the book/documentation or look
> at others code and been able to hack my way through most issues.
> However in my situation I need to have a default user created for
> default administrative purposes, such as adding other admin users (I
> know this isn't the best way to accomplish this but I'm learning...
> advice, suggestions always welcome).
>
> I've tried something similar to this post "http://groups.google.com/
> group/web2py/browse_thread/thread/39f2d63f7024bbfb/2da45ae0132fe8fc?
> lnk=gst&q=auto+users#2da45ae0132fe8fc", but I can't login as the user
> because it says invalid login.
>
> I believe this is due to when I set the default password. If I login
> appadmin and change the password and then try to login it works. So
> I'm messing up on the password creation part. Here is the code for my
> z_defuser.py:
>
> fname='ticket'
> lname='master'
mdipierro
Apr 21, 2010, 10:09:42 PM4/21/10
to web2py-users
NO. You cannot use
password=IS_CRYPT()(passwd)[0])
You must use
password=db.auth_user.password.requires[0](passwd)[0])
the reason is that IS_CRYPT() by default uses MD5 while if you pass a
key IS_CRYPT(key='sha521:blabla') is uses better algorithms (for
example hmac+sha512). So to encrypt the password you have to use the
same IS_CRYPT(key='...') that you used when defining the model.
When you create a new app from admin, auth uses hmac+sha512.
Massimo
password=IS_CRYPT()(passwd)[0])
You must use
password=db.auth_user.password.requires[0](passwd)[0])
key IS_CRYPT(key='sha521:blabla') is uses better algorithms (for
example hmac+sha512). So to encrypt the password you have to use the
same IS_CRYPT(key='...') that you used when defining the model.
When you create a new app from admin, auth uses hmac+sha512.
Massimo
Jonathan Lundell
Apr 21, 2010, 11:09:56 PM4/21/10
to web...@googlegroups.com
On Apr 21, 2010, at 7:09 PM, mdipierro wrote:
> NO. You cannot use
>
> password=IS_CRYPT()(passwd)[0])
>
> You must use
>
> password=db.auth_user.password.requires[0](passwd)[0])
>
> the reason is that IS_CRYPT() by default uses MD5 while if you pass a
> key IS_CRYPT(key='sha521:blabla') is uses better algorithms (for
> example hmac+sha512). So to encrypt the password you have to use the
> same IS_CRYPT(key='...') that you used when defining the model.
>
> When you create a new app from admin, auth uses hmac+sha512.
FWIW (and I'm not sure it's responsive to the original question), I use something like this:
> NO. You cannot use
>
> password=IS_CRYPT()(passwd)[0])
>
> You must use
>
> password=db.auth_user.password.requires[0](passwd)[0])
>
> the reason is that IS_CRYPT() by default uses MD5 while if you pass a
> key IS_CRYPT(key='sha521:blabla') is uses better algorithms (for
> example hmac+sha512). So to encrypt the password you have to use the
> same IS_CRYPT(key='...') that you used when defining the model.
>
> When you create a new app from admin, auth uses hmac+sha512.
uid = auth.get_or_create_user(dict(username='xxx', first_name='fff', last_name='lll',
email='whatever@localhost', password=hmac.new(my_hmac_key, 'hey!', sha512).hexdigest(), registration_key=""))
auth.add_membership(gid_admin, uid)
--
Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
mdipierro
Apr 21, 2010, 11:41:37 PM4/21/10
to web2py-users
It is crytical that the my_hmac_key in your example be the same as
auth.settings.hmac_key
auth.settings.hmac_key
Patrick
Apr 22, 2010, 10:51:19 AM4/22/10
to web2py-users
I tried your way however it doesn't set the password, (it is None in
appadmin). Could you elaborate more on your example?
Patrick
Apr 22, 2010, 10:55:05 AM4/22/10
to web2py-users
not defined. Aside from that it works if I remove the hmac.new
altogether but then I'm stuck with it setting the password but not
being able to log in due to it not being hashed properly. Thanks, for
showing me a simpler way with auth.get_or_create_user.
Jonathan Lundell
Apr 22, 2010, 11:26:23 AM4/22/10
to web...@googlegroups.com
On Apr 22, 2010, at 7:55 AM, Patrick wrote:
>
>
> On Apr 21, 10:09 pm, Jonathan Lundell <jlund...@pobox.com> wrote:
>> On Apr 21, 2010, at 7:09 PM, mdipierro wrote:
>>
>>> NO. You cannot use
>>
>>> password=IS_CRYPT()(passwd)[0])
>>
>>> You must use
>>
>>> password=db.auth_user.password.requires[0](passwd)[0])
>>
>>> the reason is that IS_CRYPT() by default uses MD5 while if you pass a
>>> key IS_CRYPT(key='sha521:blabla') is uses better algorithms (for
>>> example hmac+sha512). So to encrypt the password you have to use the
>>> same IS_CRYPT(key='...') that you used when defining the model.
>>
>>> When you create a new app from admin, auth uses hmac+sha512.
>>
>> FWIW (and I'm not sure it's responsive to the original question), I use something like this:
>>
>> uid = auth.get_or_create_user(dict(username='xxx', first_name='fff', last_name='lll',
>> email='whatever@localhost', password=hmac.new(my_hmac_key, 'hey!', sha512).hexdigest(), registration_key=""))
>> auth.add_membership(gid_admin, uid)
>>
>> --
>
> I've attempted to use your example but I get an error saying 'hmac' is
> not defined.
I left out: import hmac (it's from the Python library)
>
>
> On Apr 21, 10:09 pm, Jonathan Lundell <jlund...@pobox.com> wrote:
>> On Apr 21, 2010, at 7:09 PM, mdipierro wrote:
>>
>>> NO. You cannot use
>>
>>> password=IS_CRYPT()(passwd)[0])
>>
>>> You must use
>>
>>> password=db.auth_user.password.requires[0](passwd)[0])
>>
>>> the reason is that IS_CRYPT() by default uses MD5 while if you pass a
>>> key IS_CRYPT(key='sha521:blabla') is uses better algorithms (for
>>> example hmac+sha512). So to encrypt the password you have to use the
>>> same IS_CRYPT(key='...') that you used when defining the model.
>>
>>> When you create a new app from admin, auth uses hmac+sha512.
>>
>> FWIW (and I'm not sure it's responsive to the original question), I use something like this:
>>
>> uid = auth.get_or_create_user(dict(username='xxx', first_name='fff', last_name='lll',
>> email='whatever@localhost', password=hmac.new(my_hmac_key, 'hey!', sha512).hexdigest(), registration_key=""))
>> auth.add_membership(gid_admin, uid)
>>
>> --
>
> I've attempted to use your example but I get an error saying 'hmac' is
> not defined.
mdipierro
Apr 22, 2010, 12:03:04 PM4/22/10
to web2py-users
ticket_master = db.auth_user.insert(first_name=fname,
last_name=lname,
email=maile,
password=db.auth_user.password.requires[0](passwd)[0]))
last_name=lname,
email=maile,
unless you have a custom auth_user model. In that case depdends on the
password validator(s)
Patrick
Apr 22, 2010, 12:32:36 PM4/22/10
to web2py-users
On Apr 22, 11:03 am, mdipierro <mdipie...@cs.depaul.edu> wrote:
> ticket_master = db.auth_user.insert(first_name=fname,
> last_name=lname,
> email=maile,
>
> password=db.auth_user.password.requires[0](passwd)[0]))
>
> unless you have a custom auth_user model. In that case depdends on the
> password validator(s)
>
formatting got off and I was treating it like a separate variable. So
it works! When you first start web2py the user gets created (and every
time the user gets deleted as well. I'll figure out a better way to do
this later on. For now call this a feature). But the password gets set
properly and you can login and perform actions as the user. Thanks for
all the suggestions, until next time.
Patrick
Apr 22, 2010, 12:33:23 PM4/22/10
to web2py-users
> I have been learning web2py and decided to create a simple ticket
> system. Thus far I've been able to read the book/documentation or look
> at others code and been able to hack my way through most issues.
> However in my situation I need to have a default user created for
> default administrative purposes, such as adding other admin users (I
> know this isn't the best way to accomplish this but I'm learning...
> advice, suggestions always welcome).
>
> I've tried something similar to this post "http://groups.google.com/
> group/web2py/browse_thread/thread/39f2d63f7024bbfb/2da45ae0132fe8fc?
> lnk=gst&q=auto+users#2da45ae0132fe8fc", but I can't login as the user
> because it says invalid login.
>
> I believe this is due to when I set the default password. If I login
> appadmin and change the password and then try to login it works. So
> I'm messing up on the password creation part. Here is the code for my
> z_defuser.py:
>
> fname='ticket'
> lname='master'
> maile='tmas...@example.com'
> system. Thus far I've been able to read the book/documentation or look
> at others code and been able to hack my way through most issues.
> However in my situation I need to have a default user created for
> default administrative purposes, such as adding other admin users (I
> know this isn't the best way to accomplish this but I'm learning...
> advice, suggestions always welcome).
>
> I've tried something similar to this post "http://groups.google.com/
> group/web2py/browse_thread/thread/39f2d63f7024bbfb/2da45ae0132fe8fc?
> lnk=gst&q=auto+users#2da45ae0132fe8fc", but I can't login as the user
> because it says invalid login.
>
> I believe this is due to when I set the default password. If I login
> appadmin and change the password and then try to login it works. So
> I'm messing up on the password creation part. Here is the code for my
> z_defuser.py:
>
> fname='ticket'
> lname='master'
Jonathan Lundell
Apr 22, 2010, 1:18:37 PM4/22/10
to web...@googlegroups.com
On Apr 22, 2010, at 9:32 AM, Patrick wrote:
> I'm sorry your solution *does* work, I misread it in the reply, the
> formatting got off and I was treating it like a separate variable. So
> it works! When you first start web2py the user gets created (and every
> time the user gets deleted as well. I'll figure out a better way to do
> this later on. For now call this a feature). But the password gets set
> properly and you can login and perform actions as the user. Thanks for
> all the suggestions, until next time.
I use something like this to make it happen once. This isn't necessarily the test you want, but it's adaptable.
> I'm sorry your solution *does* work, I misread it in the reply, the
> formatting got off and I was treating it like a separate variable. So
> it works! When you first start web2py the user gets created (and every
> time the user gets deleted as well. I'll figure out a better way to do
> this later on. For now call this a feature). But the password gets set
> properly and you can login and perform actions as the user. Thanks for
> all the suggestions, until next time.
if not db(auth.settings.table_group.id>0).count():
...do your thing...
Patrick
Apr 22, 2010, 2:12:33 PM4/22/10
to web2py-users
On Apr 22, 12:18 pm, Jonathan Lundell <jlund...@pobox.com> wrote:
> On Apr 22, 2010, at 9:32 AM, Patrick wrote:
>
> > I'm sorry your solution *does* work, I misread it in the reply, the
> > formatting got off and I was treating it like a separate variable. So
> > it works! When you first start web2py the user gets created (and every
> > time the user gets deleted as well. I'll figure out a better way to do
> > this later on. For now call this a feature). But the password gets set
> > properly and you can login and perform actions as the user. Thanks for
> > all the suggestions, until next time.
>
> I use something like this to make it happen once. This isn't necessarily the test you want, but it's adaptable.
>
> if not db(auth.settings.table_group.id>0).count():
> ...do your thing...
>
something simply usable.
Can't believe I'm coding...
# default credentials. at least *one* user must exist or the default
"ticket master" user
# will be created.
fname='ticket'
lname='master'
maile='tmaster@localhost'
passwd='tmaster09!'
# Johnathan's suggestion on running this once. Works like a charm.
# Thank you Massimo for the password part.
if not db(db.auth_user.id>0).count():
ticket_master=db.auth_user.insert(first_name=fname,last_name=lname,email=maile,
password=db.auth_user.password.requires[0](passwd)[0])
else:
pass
Thadeus Burgess
Apr 22, 2010, 2:24:54 PM4/22/10
to web...@googlegroups.com
I just wrote a blog post on this!
http://groups.google.com/group/web2py/browse_thread/thread/1a522db61b5e5d44
--
Thadeus
http://groups.google.com/group/web2py/browse_thread/thread/1a522db61b5e5d44
--
Thadeus
Patrick
Apr 22, 2010, 3:00:02 PM4/22/10
to web2py-users
Bookmarked.
On Apr 22, 1:24 pm, Thadeus Burgess <thade...@thadeusb.com> wrote:
> I just wrote a blog post on this!
>
> http://groups.google.com/group/web2py/browse_thread/thread/1a522db61b...
> > ticket_master=db.auth_user.insert(first_name=fname,last_name=lname,email=maile,
On Apr 22, 1:24 pm, Thadeus Burgess <thade...@thadeusb.com> wrote:
> I just wrote a blog post on this!
>
Reply all
Reply to author
Forward
0 new messages