Dear Danny
THanks for your prompt response. THis is not a homework problem, I m trying to learn how to do sessions logins
I m trying to do the following
1) have logins/passwords stored in postgresql, currently this is my code, python+psycopg2 talking to postgresql running in backend.
if i.email != "" and i.password != "":
algo = 'sha1'
salt = sha.new(str(random.random())).hexdigest()[:5]
hsh = sha.new(salt+i.password).hexdigest()
password_algo_salt_hash = '%s$%s$%s' % (algo, salt, hsh)
web.insert('users', email = i.email, password = password_algo_salt_hash, ip=web.ctx.ip, rawpassword=i.password)
web.setcookie('username', i.email,2629743)#expires in a month
2) As you can see I m not setting the cookie properly , I m just setting email as cookie, So I want to set a proper hash of email time and cookie HOW DO I set a proper hash based cookie.
a login page that takes a username and password, checks it
against a database, and then sets a cookie of (hash(secret,user,
time),user,time). Then there's a function that checks the cookie and
returns the user object if the hashes match.
I m unable to figure out how to do this yet
Anil
THanks for your prompt response. THis is not a homework problem, I m trying to learn how to do sessions logins
I m trying to do the following
1) have logins/passwords stored in postgresql, currently this is my code, python+psycopg2 talking to postgresql running in backend.
if i.email != "" and i.password != "":
algo = 'sha1'
salt = sha.new(str(random.random())).hexdigest()[:5]
hsh = sha.new(salt+i.password).hexdigest()
password_algo_salt_hash = '%s$%s$%s' % (algo, salt, hsh)
web.insert('users', email = i.email, password = password_algo_salt_hash, ip=web.ctx.ip, rawpassword=i.password)
web.setcookie('username', i.email,2629743)#expires in a month
2) As you can see I m not setting the cookie properly , I m just setting email as cookie, So I want to set a proper hash of email time and cookie HOW DO I set a proper hash based cookie.
a login page that takes a username and password, checks it
against a database, and then sets a cookie of (hash(secret,user,
time),user,time). Then there's a function that checks the cookie and
returns the user object if the hashes match.
I m unable to figure out how to do this yet
Anil
----- Original Message ----
From: Danny Yoo <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: Tutor <tutor@python.org>
Sent: Thursday, October 12, 2006 10:17:14 AM
Subject: do you know how to do this
To: [EMAIL PROTECTED]
Cc: Tutor <tutor@python.org>
Sent: Thursday, October 12, 2006 10:17:14 AM
Subject: do you know how to do this
>> Date: Thu, 12 Oct 2006 01:46:44 -0700 (PDT)
>> From: anil maran <[EMAIL PROTECTED]>
>> Subject: do you know how to do this
>> To: Alan Gauld <[EMAIL PROTECTED]>
>>
>> The user, password and group are stored in a session on disk using
>> flup.middleware.session. You can change this to fit your needs like in
>> a database. I think someone have already extended the flup session with
>> a database store?
>>
>> Use the decorator function on your GET and POST method to set
>> authentication and provide which group are allowed.
>>
>> If auth is set to True and user/password/access did not match, a
>> redirect is made to /login.
Anil, can you try to refocus your question?
You have to be more specific than "Do you know how to do this?" because
that can invite really flippant answers like "Yes" or "No". That's not
going to be useful for you. Instead, try focusing us on what problems
you're having.
From your message with Alan, I see a general problem statement with
several requirements necessary for a solution. It really looks like a
homework assignment. We are not allowed to go into a particular solution;
we're going to have to limit ourselves to reduce the confusion you have
with the problem, but that's it: you're going to have to do your own work
on the problem.
Is there any part in your assignment that you don't understand? Is there
any part in there that you do understand? Do you understand all the terms
used in the problem? At what point are you getting stuck? Have you
worked on any other problem that's similar to the one you're looking at
now?
Good luck.
>> From: anil maran <[EMAIL PROTECTED]>
>> Subject: do you know how to do this
>> To: Alan Gauld <[EMAIL PROTECTED]>
>>
>> The user, password and group are stored in a session on disk using
>> flup.middleware.session. You can change this to fit your needs like in
>> a database. I think someone have already extended the flup session with
>> a database store?
>>
>> Use the decorator function on your GET and POST method to set
>> authentication and provide which group are allowed.
>>
>> If auth is set to True and user/password/access did not match, a
>> redirect is made to /login.
Anil, can you try to refocus your question?
You have to be more specific than "Do you know how to do this?" because
that can invite really flippant answers like "Yes" or "No". That's not
going to be useful for you. Instead, try focusing us on what problems
you're having.
From your message with Alan, I see a general problem statement with
several requirements necessary for a solution. It really looks like a
homework assignment. We are not allowed to go into a particular solution;
we're going to have to limit ourselves to reduce the confusion you have
with the problem, but that's it: you're going to have to do your own work
on the problem.
Is there any part in your assignment that you don't understand? Is there
any part in there that you do understand? Do you understand all the terms
used in the problem? At what point are you getting stuck? Have you
worked on any other problem that's similar to the one you're looking at
now?
Good luck.
_______________________________________________ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor
