I’m trying to setup login with a username and password via a custom form
I created a single user via the Anvil editor and reset the password to ensure that the hashing was carried out correctly. The login form passes the username and password to a server callable shown below. If I give the correct username the code always returns ‘Incorrect Password’. Presumably there is something wrong with the way I’m checking my pw hash in the elif line but I’ve seen many conflicting versions in the forum and Docs
Code Sample:
def login_with_username(username, password):
user = app_tables.users.get(username=username)
if user is None:
return 'No matching username'
elif bcrypt.hashpw(password.encode(), bcrypt.gensalt())==user['password_hash']:
anvil.users.force_login(user)
return 'Logged in'
else:
return 'Incorrect password'``
Why not use anvil.users.login_with_email and allow Anvil to do its thing? Anvil Docs | anvil.users
My users (a group of about 20) are also autheniticated users of a website which uses username/password authentication. Although I know that it is generally poor practice to use the same credentials on different sites. Security per se is not a huge issue as we are not storing any sensitive info.
I could use the default login form and tell my users to type their username where it says emai, (Anvil won’t mind) but this seems a bit of a kludge. I would prefer them to be asked for a username so I need a custom form and authentication.
Unless… Is it possible to modify the default form so that it says ‘Username’ instead of email?
anvil.users.login_with_email does not display a form. It takes an email and password and logs the user in if they match.
Thanks again Jay. Problem solved.
My server code now finds the user with the correct username, extracts his/her email and passes the email and password to anvil.users.login_with_email.
1 Like