Invalid Salt

[bglogic]

I get an [Invalid salt] message when trying to login after creating an account and confirming the email.

[fake-name]

Well, that's annoying. I did recently update the session management stuff, let me see if that's the source of the issue.

[fake-name]

Ok, so one of the libraries is now broken. Let me see if I can figure out what happened,

[fake-name]

Flask-bcrypt started doing type conversions in a way that broke authentication everywhere, apparently. It's fixed now, in any event.

Accounts with passwords generated when flask was being dumb should be automatically patched when they login now too.

[bglogic]

This issue is back again

[fake-name]

Can you tell me the username you're seeing the issue from?

Alternatively, e-mail it to me at admin@wlnupdates.com, if you don't want it to be public.

[bglogic]

smmalmansoori

[bglogic]

Don't know if you did something on your side yet but now its working again

[fake-name]

I've been futzing with the auth packages trying to figure out what's going on.

There's some fiddly install-order-dependent things going on, not sure what.

[bglogic]

Don't know how much this would help but maybe it would help by simplifying your dependencies for example:

• remove flask-security (last release on on Jun 14, 2017) and use flask-login directly
• remove flask-bcrypt and use generate_password_hash

[fake-name]

Yeah, I mean, mostly my concern is breaking the currently functional (?) auth.

I would hope this sort of thing would be stable, but apparently that's too much to ask.

[bglogic]

You'll need to rehash with the new method on successful login. This way the old method will be eventually phased out.