web2py 通过服务调用更改密码

发布于 2024-12-10 05:38:02 字数 529 浏览 0 评论 0原文

在 web2py 中，我想通过 xml-rpc 调用更改密码。我怎样才能做到这一点？

@auth.requires_login()
def call():
    return service()

@service.xmlrpc
def change_password(old_pass, new_pass, confirm_pass):
    #Validate args and then does the following
    #Borrowed from web2py tools.py source
    table_user = auth.settings.table_user 
    passfield = auth.settings.password_field
    s = db(table_user.id == auth.user_id) 
    d = {passfield: new_pass}
    s.update(**d) #this saves new password in plain text; why?? 
    return

原文

In web2py I'd like to change password via xml-rpc call. How can I do that?

@auth.requires_login()
def call():
    return service()

@service.xmlrpc
def change_password(old_pass, new_pass, confirm_pass):
    #Validate args and then does the following
    #Borrowed from web2py tools.py source
    table_user = auth.settings.table_user 
    passfield = auth.settings.password_field
    s = db(table_user.id == auth.user_id) 
    d = {passfield: new_pass}
    s.update(**d) #this saves new password in plain text; why?? 
    return

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

初见终念 2024-12-17 05:38:02

默认情况下，密码字段使用 CRYPT() 验证器对密码进行哈希处理。但是，验证器与表单提交一起应用（当调用 form.accepts() 方法时），而不是在常规 .insert() 和 .update() 操作期间应用。在插入新密码之前，您可以自己将其传递给 auth_user.password 字段的 CRYPT 验证器：

d = {passfield: table_user[passfield].validate(new_pass)[0]}
s.update(**d)

更新：将 requires[-1] 更改为 validate。

更新：这在当前稳定版本 (1.99.3) 中不起作用，但从下一个版本开始，您将能够执行以下操作：

d = {passfield: new_pass}
s.validate_and_update(**d)

validate_and_update 方法已经存在，但以前仅存在运行验证器来检查错误，而不转换提交的值（因此不能与 CRYPT 等验证器一起使用，CRYPT 会转换提交的值）。更新后的版本现在也可以转换这些值，因此应该可以与 CRYPT 一起使用。

By default, the password field uses the CRYPT() validator to hash the password. However, validators are applied with form submissions (when the form.accepts() method is called), not during regular .insert() and .update() operations. Before inserting the new password, you can pass it through the CRYPT validator of the auth_user.password field yourself:

d = {passfield: table_user[passfield].validate(new_pass)[0]}
s.update(**d)

Update: Changed requires[-1] to validate.

Update: This won't work in the current stable version (1.99.3), but as of the next release, you will instead be able to do:

d = {passfield: new_pass}
s.validate_and_update(**d)

The validate_and_update method already exists, but previously it only ran the validators to check for errors without transforming the submitted values (so didn't work with validators like CRYPT, which transform the submitted values). The updated version now transforms the values as well, so should work with CRYPT.

回复收藏 0 原文

~没有更多了~