[Zope] do I need to get user's password?
Mark Gibson
mark@dimensional.com
Tue, 27 Aug 2002 15:38:07 -0600
Return the encrypted password.
You should also have a method that compares the encrypted password with
the password the user types when loggin in, encrypted, to determine if
the users has entered a valid password.
Terry Hancock wrote:
> Hi,
>
> I'm looking at implementing a very simple encrypted
> password scheme, using SimpleUserFolder. The documentation
> says I need to implement a function to return a user's
> password.
>
> But if I understand encryption at all, this is supposed
> to be impossible. What should I do? Return an empty
> string? The hashed password? What depends on this
> capability?
>
> Surely it doesn't need this to support logins, does it?
>
> Also, should I expect any trouble with using SUF with
> CookieCrumbler to get cookie-based authentication?
>
> Otherwise, SUF looks pretty straightforward. Just
> trying to make sure I understand what I'm doing. ;-D
>
> Thanks,
> Terry