[campsite-support] User Authentication - Newscoop Support Discussions on Sourcefabric Forum

*Vote Up*

With the new version of campsite, Ive had trouble with users logging into
the system.

Once a user tries to log in, the server informs them that the security has
been upgraded, and they need to log in again. It never authenticates them
however. The only workaround I've found is to log in once, then go directly
to the database, and change the password field in the users table for that
particular user to:

PASSWORD('old_password')

...and that seems to work.

Any suggestions?

Chris

*Vote Up*

What do you mean by "it never authenticates them"? Do you mean that they
cant log in?

What should happen is this:
1) user logs in with old password
2) user prompted to enter their password again to upgrade it
3) user is logged in

- Paul

On 8/9/06, Christopher Palermo wrote:
>
> With the new version of campsite, Ive had trouble with users logging into
> the system.
>
> Once a user tries to log in, the server informs them that the security has
> been upgraded, and they need to log in again. It never authenticates them
> however. The only workaround I've found is to log in once, then go directly
> to the database, and change the password field in the users table for that
> particular user to:
>
> PASSWORD('old_password')
>
> ...and that seems to work.
>
> Any suggestions?
>
> Chris
>

*Vote Up*

As far as I am familiar with the probelm, there are several
configuratons you use and on the versions of applications you run
campsite on.

1) At certain point in past there was an issue, where database field for
pasword was too short to keep the authentification string. Untill it was
expanded, it cuts off the string and damaged the passwords

2) After expansions we had some probems with mysql versions, because
password function in MySQL changed between versions and such an upgrade
affected campsite passwords
therefore Passwords are encripted by sha() function instead of
Password()

3) It happens all the time that at certain point simply upgrade causes
all old passwords to be invalid and the reasons are so various, that my
suggestion was to create reset_password dialog which should be aviable
through login_failed dialog and which should generate new password, set
it to database and send it to user to his registered email.

I believe this feature would stop all talks about passwords. If it does
not work, reset it. If reset did not work, simply let developers know.

I would also ask everyone reporting bug or asking for an advice to
specify your system. tell us, what is the latest upgrade (which version
to what version), what MySQL version you use and if you upgraded it
during time, what PHP version you use...

Ondra

On Wed, 2006-08-09 at 15:11 +0100, Paul Baranowski wrote:
> What do you mean by "it never authenticates them"? Do you mean that
> they cant log in?
>
> What should happen is this:
> 1) user logs in with old password
> 2) user prompted to enter their password again to upgrade it
> 3) user is logged in
>
> - Paul
>
>
> On 8/9/06, Christopher Palermo wrote:
> With the new version of campsite, Ive had trouble with users
> logging into the system.
>
> Once a user tries to log in, the server informs them that the
> security has been upgraded, and they need to log in again. It
> never authenticates them however. The only workaround I've
> found is to log in once, then go directly to the database, and
> change the password field in the users table for that
> particular user to:
>
> PASSWORD('old_password')
>
> ...and that seems to work.
>
> Any suggestions?
>
> Chris
>
>

*Vote Up*

Ondra-

Yes, this was the problem.

>
>
> 1) At certain point in past there was an issue, where database field for
> pasword was too short to keep the authentification string. Untill it was
> expanded, it cuts off the string and damaged the passwords
>
>
>

I've increased the size of the password field to 64, and now it works fine.

Thank you both.

Chris

Howdy, Stranger!

Categories

Poll

Top Posters