[Zope] User changing their own password via External Method with Cookie Crumbler

Chris Withers chris at simplistix.co.uk
Thu Mar 31 06:34:00 EST 2005


Dave Cinege wrote:
> From what I was able to dissect from CMF changing the password is down to a 
> hack.  : P   userFolderEditUser() doesn't work. You must instead change the 
> '__' attribute of a user object. 

Why am I not suprised? ;-)

: O   My code below works, except that
> credentialsChanged() ends up redirecting to the login page vs, resetting the 
> cookie and allowing the user to continue. Is that expected?

No, don't think so.

> 
> def UserEditFunc (self):
>     reqd = dict(self.REQUEST)
>     user = self.acl_users.getUser(reqd['username'])
>     user.__ = reqd['password']

This makes assumptions about the user folder implementation. If you're 
using anything other than a normal stock userfolder, beware!

cheers,

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk


More information about the Zope mailing list