[Anvil-app-server] change password of other user or disable other user

Hi

I have another question about user management on a local Anvil app server. As administrator of the app I created (with local user management, Users table), I would like to have the possibility to either disable or delete another user, or to change the password of the other user.

Scanning through the API I have only found the possibility to change or reset the current user’s password. Additionally, it is possible to sign up another user.

Is there an easy way to change users locally?

Kind regards,

Vinz

Hi Vinz,

Users in Anvil apps are just rows of the Users table, so you can do all these things by manipulating the rows directly. For example, if you’re logged in as an administrator:

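```python
import anvil.server
from anvil.tables import app_tables

@anvil.server.callable
def delete_user(email_address):
  # TODO: Check that we're logged in as an administrator
  # Remove the matching row from the Users table
  app_tables.users.get(email=email_address).delete()

@anvil.server.callable
def disable_user(email_address):
  # TODO: Check that we're logged in as an administrator
  # Clear the 'enabled' column so the account can no longer log in
  app_tables.users.get(email=email_address)['enabled'] = False
```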

You could even set a new password directly:

```python
import bcrypt

@anvil.server.callable
def set_password(email_address, new_password):
  # TODO: Check that we're logged in as an administrator
  new_pw_hash = bcrypt.hashpw(new_password.encode(), bcrypt.gensalt()).decode()
  app_tables.users.get(email=email_address)['password_hash'] = new_pw_hash
```

We didn’t provide an Anvil API to do these things, because you can do them directly in Python!

I hope that helps 🙂

7 Likes
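
The administrator check left as a TODO in the answer above, sketched as an added example that is not part of the original post or of Anvil's own code: without it, any client that can reach the callable functions could delete or disable accounts. Plain dicts stand in for the Users table and the login session so the block runs without Anvil; `require_admin`, `PermissionDenied`, `lookup`, `USERS`, `SESSION` and the `admin` column are hypothetical names.

```python
import functools

class PermissionDenied(Exception):
    """The caller is not a logged-in, enabled administrator."""

# Constructed stand-in for the Users table. 'admin' is an assumed extra column.
USERS = {
    "root@example.com": {"email": "root@example.com", "enabled": True, "admin": True},
    "bob@example.com": {"email": "bob@example.com", "enabled": True, "admin": False},
}
SESSION = {"user": None}  # stand-in for the server-side login session

def get_current_user():
    # Assumption: in an Anvil server module this is anvil.users.get_user().
    return SESSION["user"]

def require_admin(fn):
    """Run fn only when the session user is enabled and flagged as admin."""
    @functools.wraps(fn)
    def wrapper(*args, **kwargs):
        user = get_current_user()
        # Fail closed: no login, a disabled account or a missing flag all deny.
        if user is None or not user.get("enabled") or not user.get("admin"):
            raise PermissionDenied("administrator login required")
        return fn(*args, **kwargs)
    return wrapper

def lookup(email_address):
    # Fail loudly on an unknown address instead of acting on None.
    row = USERS.get(email_address)
    if row is None:
        raise KeyError(f"no such user: {email_address}")
    return row

# In Anvil, @anvil.server.callable would sit above @require_admin so that
# the check wraps the function body the client reaches.
@require_admin
def disable_user(email_address):
    lookup(email_address)["enabled"] = False

@require_admin
def delete_user(email_address):
    lookup(email_address)
    del USERS[email_address]
```
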

Hi Ian,

Exactly what I was looking for! Thank you very much indeed!

Kind regards,

Vinz

1 Like

I’m among the people fighting the deficiency that setting a user’s password for them isn’t possible. I implemented this bcrypt hash mechanism, but the user login always fails. Any other ideas I can try to set a user’s password?

And, yes, I’m aware of “forgot password”. Lovely for a UI app. Not so helpful for an API only…

Please create a new question.
You are unlikely to get any attention by posting under an old question that has already been answered.

1 Like

Follow up: To get around this I created a faux login page on the API app and forced a forgot email message to the user’s email in question. A LOT of work just to manually create a password. If I missed an obvious way to do this, please let me know! TIA