mahara-contributors team mailing list archive

[Richard Mansfield <799594@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

When an admin creates a new user on the site, we always ensure that the
user is created with random salt, and either has an empty password or
their password encrypted with the salt, depending on the auth method.

To make sure this is true for new users created by other methods
(registration, xmlrpc), we can move the function to encrypt the password
into the create_user() function and avoid some duplication.

** Affects: mahara
     Importance: Low
     Assignee: Richard Mansfield (richard-mansfield)
         Status: In Progress

** Changed in: mahara
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/799594

Title:
  Ensure all new users without passwords have salt set

Status in Mahara ePortfolio:
  In Progress

Bug description:
  When an admin creates a new user on the site, we always ensure that
  the user is created with random salt, and either has an empty password
  or their password encrypted with the salt, depending on the auth
  method.

  To make sure this is true for new users created by other methods
  (registration, xmlrpc), we can move the function to encrypt the
  password into the create_user() function and avoid some duplication.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/799594/+subscriptions