Electronics & Programming

develissimo

Open Source electronics development and programming

  • You are not logged in.

#1 Nov. 25, 2005 00:01:51

s.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

new password(s)


Hi all,

can't seem to get my application user's passwords working properly
after the last changes to the password algorithm. User's with old md5
passwords can login once, but after that their passwords don't work
anymore. What gives?

Also, is there anyway of using mysql to create the new password format?
Reason being that I've extended the auth.user class, and I can't for my
life create users using python (other than that it works fine), so for
the time being I resorted to using mysql with md5('password') insert
statements, and of course these doesn't work with the new algo.

R
/LarS

Offline

#2 Nov. 25, 2005 00:30:38

Adrian H.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

new password(s)


On 11/24/05, stava <> wrote:
> can't seem to get my application user's passwords working properly
> after the last changes to the password algorithm. User's with old md5
> passwords can login once, but after that their passwords don't work
> anymore. What gives?

Hmmm, I can't reproduce this. Maybe the bug is in your own code, perhaps?

> Also, is there anyway of using mysql to create the new password format?
> Reason being that I've extended the auth.user class, and I can't for my
> life create users using python (other than that it works fine), so for
> the time being I resorted to using mysql with md5('password') insert
> statements, and of course these doesn't work with the new algo.

My recommendation would be to write a create_user() module-level
function in your User subclass. This would mirror the "real"
User.create_user(), so you'd be able to create users in Python, which
is best.

Adrian

--
Adrian Holovaty
holovaty.com | djangoproject.com | chicagocrime.org

Offline

#3 Nov. 25, 2005 08:17:04

s.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

new password(s)


Well, I'm using new-admin, and I've extended the auth.user class:

class User(auth.User):
primary_group = meta.ForeignKey(auth.Group, default = 1,
verbose_name = 'primary group')
new_password = meta.CharField(maxlength = 40, blank = True)
fullname = meta.CharField(maxlength = 40, blank = True)
department = meta.ForeignKey(Department, default = 1)
country = meta.ForeignKey(Country, default = 1,
help_text = 'Country the user belongs to')
available = meta.IntegerField(maxlength = 3, default = 100,
verbose_name = 'available (%)',
help_text = 'Percentage of hours per week')
cost = meta.IntegerField(maxlength = 4, default = 500,
help_text = 'SEK per hour')
employee = meta.PositiveSmallIntegerField(unique = True,
help_text = 'Employee number')
notes = meta.TextField(blank = True)

def __repr__(self):
return "%s %s" % (self.first_name, self.last_name)

def _pre_save(self):
self.set_password(self.new_password)
self.new_password = ''
self.fullname = self.first_name + " " + self.last_name

def _module_get_users_by_group(group_id):
"""Return list of users in (primary) group."""
return [(u, u)
for u in get_values(fields = ,
primary_group__id__exact = group_id)]
class META:
replaces_module = 'auth.users'
admin = meta.Admin(
fields = (
( None, {'fields': ('username', 'password', 'new_password')}),
('Personal info',
{'fields' : ('first_name', 'last_name', 'fullname', 'email',
'department', 'country',
'available', 'cost', 'employee',
'last_login', 'date_joined'), 'classes':
'collapse'}),
('Permissions',
{'fields' : ('is_staff', 'is_active', 'is_superuser',
'primary_group', 'groups', 'user_permissions'),
'classes': 'collapse'}),
('Notes', {'fields' : ('notes',), 'classes' : 'collapse'}),
),
list_display = ('username', 'first_name', 'last_name',
'primary_group',
'email', 'department', 'country'),
list_filter = ('is_staff', 'is_superuser', 'is_active',
'primary_group',
'department', 'country'),
search_fields = ('username', 'first_name', 'last_name', 'email'),
)

Offline

#4 Nov. 25, 2005 08:37:13

s.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

new password(s)


I've tried it with trunk, same result.

Offline

#5 Nov. 25, 2005 09:12:42

s.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

new password(s)


Trying, trying...

1)
from django.models.ttime import *
u = User('stava', 'Lars', 'Stavholm', '', 'password',
True, True, '2005-11-25', '2005-11-25')
u.save()
Traceback (most recent call last):
File "tst/tst.py", line 8, in ?
u.save()
File "/usr/lib/python2.4/site-packages/django/utils/functional.py",
line 3, in _curried
return args(*(args+moreargs), **dict(kwargs.items() +
morekwargs.items()))
File "/usr/lib/python2.4/site-packages/django/core/meta/__init__.py",
line 781, in method_save
self._pre_save()
File
"/usr/lib/python2.4/site-packages/ttime/apps/ttime/models/ttime.py",
line 176, in _pre_save
self.set_password(self.new_password)
AttributeError: 'User' object has no attribute 'new_password'

2) removed my own _pre_save():
from django.models.ttime import *
u = User('stava', 'Lars', 'Stavholm', '', 'password',
True, True, '2005-11-25', '2005-11-25')
u.save()
Traceback (most recent call last):
File "tst/tst.py", line 8, in ?
u.save()
File "/usr/lib/python2.4/site-packages/django/utils/functional.py",
line 3, in _curried
return args(*(args+moreargs), **dict(kwargs.items() +
morekwargs.items()))
File "/usr/lib/python2.4/site-packages/django/core/meta/__init__.py",
line 806, in method_save
db_values =
File "/usr/lib/python2.4/site-packages/django/core/meta/fields.py",
line 370, in get_db_prep_save
value = value.replace(microsecond=0)
TypeError: replace() takes no keyword arguments

3) using django auth:
from django.models.auth import *
u = User('stava', 'Lars', 'Stavholm', '', 'password',
True, True, '2005-11-25', '2005-11-25')
u.save()
Traceback (most recent call last):
File "tst/tst.py", line 8, in ?
u.save()
File "/usr/lib/python2.4/site-packages/django/utils/functional.py",
line 3, in _curried
return args(*(args+moreargs), **dict(kwargs.items() +
morekwargs.items()))
File "/usr/lib/python2.4/site-packages/django/core/meta/__init__.py",
line 806, in method_save
db_values =
AttributeError: 'User' object has no attribute 'last_login'

4) commented out my own User class, referencing auth.User instead:
from django.models.auth import *
u = User('stava', 'Lars', 'Stavholm', '', 'password',
True, True, '2005-11-25', '2005-11-25')
u.save()
Traceback (most recent call last):
File "tst/tst.py", line 8, in ?
u.save()
File "/usr/lib/python2.4/site-packages/django/utils/functional.py",
line 3, in _curried
return args(*(args+moreargs), **dict(kwargs.items() +
morekwargs.items()))
File "/usr/lib/python2.4/site-packages/django/core/meta/__init__.py",
line 806, in method_save
db_values =
AttributeError: 'User' object has no attribute 'last_login'

5) my own stuff still commented out:
from django.models.auth import *
u = users.create_user('stava', '', 'password')
u.save()

This one worked allright.

6) Put my own User(auth.User) class back again, and I'm back in the
pit:
from django.models.auth import *
u = users.create_user('stava2', '', 'password')
u.save()
Traceback (most recent call last):
File "tst/tst.py", line 7, in ?
u = users.create_user('stava2', '', 'password')
File "/usr/lib/python2.4/site-packages/django/models/auth.py", line
204, in _module_create_user
user.save()
File "/usr/lib/python2.4/site-packages/django/utils/functional.py",
line 3, in _curried
return args(*(args+moreargs), **dict(kwargs.items() +
morekwargs.items()))
File "/usr/lib/python2.4/site-packages/django/core/meta/__init__.py",
line 781, in method_save
self._pre_save()
File
"/usr/lib/python2.4/site-packages/ttime/apps/ttime/models/ttime.py",
line 176, in _pre_save
self.set_password(self.new_password)
AttributeError: 'User' object has no attribute 'new_password'

6) Trying to use my own class again:
from django.models.ttime import *
u = auth.users.create_user('stava2', '', 'password')
u.save()
Traceback (most recent call last):
File "tst/tst.py", line 7, in ?
u = auth.users.create_user('stava2', '',
'password')
File "/usr/lib/python2.4/site-packages/django/models/auth.py", line
204, in _module_create_user
user.save()
File "/usr/lib/python2.4/site-packages/django/utils/functional.py",
line 3, in _curried
return args(*(args+moreargs), **dict(kwargs.items() +
morekwargs.items()))
File "/usr/lib/python2.4/site-packages/django/core/meta/__init__.py",
line 781, in method_save
self._pre_save()
File
"/usr/lib/python2.4/site-packages/ttime/apps/ttime/models/ttime.py",
line 176, in _pre_save
self.set_password(self.new_password)
AttributeError: 'User' object has no attribute 'new_password'

I've no idea what to do. Mind you, this all worked (or at least seemed
to work) prior to the new password algo change. I've had this up and
running for several weeks. Any hints as to how to track this down
appreciated. Maybe there's some semantics changed when subclassing?

I'm using trunk 1431, mysql 4.1.10a, and python-2.4-14 on SuSE 9.3.

Offline

#6 Nov. 25, 2005 09:21:02

s.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

new password(s)


I've removed my subclassing alltogether, it all seems to work fine
know, I can login and logout and log back in again as expected.

Offline

Board footer

Moderator control

Enjoy the 20th of January
PoweredBy

The Forums are managed by develissimo stuff members, if you find any issues or misplaced content please help us to fix it. Thank you! Tell us via Contact Options
Leave a Message
Welcome to Develissimo Live Support