[Zope] acl_users and encrypted passwords
Peter Bengtsson
peter at fry-it.com
Fri Aug 7 11:10:14 EDT 2009
No, it's different every time.
Consider this::
def _doAddUser(self, name, password, roles, domains, **kw):
"""Create a new user"""
...
if password is not None and self.encrypt_passwords:
print "\tself._encryptPassword('word')=",
repr(self._encryptPassword('word'))
print "\tself._encryptPassword('word')=",
repr(self._encryptPassword('word'))
print "\tself._encryptPassword('word')=",
repr(self._encryptPassword('word'))
When running this you get this output::
self._encryptPassword('word')= '{SSHA}dxZSdvO5CiaMbDuCC0mAreI0R6nqc5RyYFGo'
self._encryptPassword('word')= '{SSHA}pup1PWzONwMnGXk/itXd6rhySF8MOuI57SO6'
self._encryptPassword('word')= '{SSHA}HGRxMfi9J7uGK8tfHvuMWfIbNghvu+Z2hb7a'
2009/8/7 Andreas Jung <lists at zopyx.com>:
> On 07.08.09 16:26, Peter Bengtsson wrote:
>> When you encrypt your passwords in an acl_users User Folder, is there
>> a way to check that the old password is correct?
>> I'm building an app that allows the user to change her password with
>> the usual form of:
>> Old: ________
>> New: ________
>> Confirm: ________
>>
> You has the 'old' password using the same algorithm and compare it
> against the stored password hash. Look the AccessControl API of Zope.
>
> -aj
>
> _______________________________________________
> Zope maillist - Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )
>
>
--
Peter Bengtsson,
work www.fry-it.com
home www.peterbe.com
hobby www.issuetrackerproduct.com
fun crosstips.org
More information about the Zope
mailing list