[Zope-dev] storing passwords
Markus Bengts
markus@qvd.fi
Wed, 18 Jun 2003 13:05:29 +0300 (EEST)
On Mon, 16 Jun 2003, Chris Withers wrote:
> sean.upton@uniontrib.com wrote:
>
> > Or SimpleUserFolder: create a user folder class in a Zope product that
> > subclasses both SimpleUserFolder and OFS.Folder. Then put ZSQL methods and
> > a few TTW python scripts in the folder contents of an instance of this class
> > to make it work. I've done something similar to this with relative success.
>
> Hmmm... I prefer to just put the SQL method in the folder containing the SUF, no
> need for subclassing and knowing how to write Zope Products then...
>
I installed SimpleUserFolder and implemented the required methods. I can
now add and modify users but there is one thing missing. Where do I tell
Zope how to check the password when users try to authenticate? It should
be done with:
select * from intrauser
where username = 'submitted_username'
and pwdigest = crypt('submitted_password', pwdigest)
The crypt-function is stored in PostgreSQL (a contrib package). In this
way I can have many programs share the same password database.
pgUserFolder has user_login() so this would probably be a possible
solution. Is there an easy solution with SimpleUserFolder?
Markus