[Twisted-Python] twisted.cred question
Jean-Paul Calderone
exarkun at divmod.com
Thu Oct 26 18:06:24 MDT 2006
On Thu, 26 Oct 2006 16:15:12 -0700, Yi Qiang <yqiang at gmail.com> wrote:
>Hi, I am using twisted.cred to provide authentication to users over PB. I
>am using the FilePasswordDB class to provide avatarID's to users. I am
>wondering where/how I should implement the feature so that when a user tries
>to login with a username that does not exist yet, we create a
>username/password pair for that user and log them in. I looked around in
>checkers.py, but I am not sure if that is the right place to implement
>this.
If you're using FilePasswordDB as your checker, then you could subclass
it and add this behavior. A problem with this in general is that it is
not always possible to extract sufficient information from a login attempt
to create a new set of credentials in the authentication backend. For
example, a password may have been hashed together with a random number.
However, for plaintext password authentication (ie, over SSL) you should
have no problem.
There has been some discussion at various points about adding a general
API for adding new credentials through cred, but it hasn't really gotten
anywhere.
Jean-Paul
More information about the Twisted-Python
mailing list