[Twisted-Python] twisted.cred question
Hi, I am using twisted.cred to provide authentication to users over PB. I am using the FilePasswordDB class to provide avatarID's to users. I am wondering where/how I should implement the feature so that when a user tries to login with a username that does not exist yet, we create a username/password pair for that user and log them in. I looked around in checkers.py, but I am not sure if that is the right place to implement this. Thanks in advance, Yi
On Thu, 26 Oct 2006 16:15:12 -0700, Yi Qiang <yqiang@gmail.com> wrote:
If you're using FilePasswordDB as your checker, then you could subclass it and add this behavior. A problem with this in general is that it is not always possible to extract sufficient information from a login attempt to create a new set of credentials in the authentication backend. For example, a password may have been hashed together with a random number. However, for plaintext password authentication (ie, over SSL) you should have no problem. There has been some discussion at various points about adding a general API for adding new credentials through cred, but it hasn't really gotten anywhere. Jean-Paul
On Thu, 26 Oct 2006 16:15:12 -0700, Yi Qiang <yqiang@gmail.com> wrote:
If you're using FilePasswordDB as your checker, then you could subclass it and add this behavior. A problem with this in general is that it is not always possible to extract sufficient information from a login attempt to create a new set of credentials in the authentication backend. For example, a password may have been hashed together with a random number. However, for plaintext password authentication (ie, over SSL) you should have no problem. There has been some discussion at various points about adding a general API for adding new credentials through cred, but it hasn't really gotten anywhere. Jean-Paul
participants (2)
-
Jean-Paul Calderone -
Yi Qiang