@@ -1,5 +1,12 @@
Revision history for Dancer2-Plugin-Auth-Extensible
+0.401 Wed Jun 10 19:23:30 2015 CEST
+
+ [ENHANCEMENTS]
+
+ * Allow custom random password generator to be specified
+ (Andrew Beverly, GH #23).
+
0.400 Thu May 21 08:36:36 2015 CEST
[ENHANCEMENTS]
@@ -4,7 +4,7 @@
"David Precious <davidp@preshweb.co.uk>"
],
"dynamic_config" : 1,
- "generated_by" : "ExtUtils::MakeMaker version 7.04, CPAN::Meta::Converter version 2.142690",
+ "generated_by" : "ExtUtils::MakeMaker version 6.98, CPAN::Meta::Converter version 2.150001",
"license" : [
"perl_5"
],
@@ -50,5 +50,5 @@
"url" : "https://github.com/PerlDancer/Dancer2-Plugin-Auth-Extensible"
}
},
- "version" : "0.400"
+ "version" : "0.401"
}
@@ -7,7 +7,7 @@ build_requires:
configure_requires:
ExtUtils::MakeMaker: '0'
dynamic_config: 1
-generated_by: 'ExtUtils::MakeMaker version 7.04, CPAN::Meta::Converter version 2.142690'
+generated_by: 'ExtUtils::MakeMaker version 6.98, CPAN::Meta::Converter version 2.150001'
license: perl
meta-spec:
url: http://module-build.sourceforge.net/META-spec-v1.4.html
@@ -27,4 +27,4 @@ resources:
bugtracker: https://github.com/PerlDancer/Dancer2-Plugin-Auth-Extensible/issues
homepage: https://github.com/PerlDancer/Dancer2-Plugin-Auth-Extensible/
repository: https://github.com/PerlDancer/Dancer2-Plugin-Auth-Extensible
-version: '0.400'
+version: '0.401'
@@ -525,6 +525,11 @@ CONTROLLING ACCESS TO ROUTES
allow the user to enter their username and request a reset password
link.
+ By default, the default handlers will generate a random 8 character
+ password using Session::Token. To use your own function, set
+ `password_generator' in your configuration. See the SAMPLE CONFIGURATION
+ for an example.
+
If using `login_page_handler' to replace the default login page, you can
still use the default password reset handlers. Add 2 controls to your
form for submitting a password reset request: a text input called
@@ -568,6 +573,7 @@ CONTROLLING ACCESS TO ROUTES
# Set to true to enable password reset code in the default handlers
reset_password_handler: 1
+ password_generator: My::App::random_pw # Optional random password generator
# Set to a true value to enable recording of successful last login times
record_lastlogin: 1
@@ -3,7 +3,7 @@ package Dancer2::Plugin::Auth::Extensible::Provider::Base;
use strict;
use Crypt::SaltedHash;
-our $VERSION = '0.400';
+our $VERSION = '0.401';
=head1 NAME
@@ -3,7 +3,7 @@ package Dancer2::Plugin::Auth::Extensible::Provider::Config;
use strict;
use base "Dancer2::Plugin::Auth::Extensible::Provider::Base";
-our $VERSION = '0.400';
+our $VERSION = '0.401';
=head1 NAME
@@ -5,7 +5,7 @@ use base 'Dancer2::Plugin::Auth::Extensible::Provider::Base';
use Dancer2::Plugin::Database;
use Dancer2 qw(:syntax);
-our $VERSION = '0.400';
+our $VERSION = '0.401';
=head1 NAME
@@ -3,7 +3,7 @@ package Dancer2::Plugin::Auth::Extensible::Provider::Example;
use strict;
use base "Dancer2::Plugin::Auth::Extensible::Provider::Base";
-our $VERSION = '0.400';
+our $VERSION = '0.401';
# A more sensible provider would be likely to get this information from e.g. a
# database (or LDAP, or...) rather than hardcoding it. This, however, is an
@@ -5,7 +5,7 @@ use base 'Dancer2::Plugin::Auth::Extensible::Provider::Base';
use Authen::Simple::PAM;
use Unix::Passwd::File;
-our $VERSION = '0.400';
+our $VERSION = '0.401';
=head1 NAME
@@ -8,7 +8,7 @@ use Dancer2::Plugin;
use Class::Load qw(try_load_class);
use Session::Token;
-our $VERSION = '0.400';
+our $VERSION = '0.401';
my $settings;
@@ -1000,6 +1000,10 @@ documentation above). Once this is done, the default login page will contain
additional form controls to allow the user to enter their username and request
a reset password link.
+By default, the default handlers will generate a random 8 character password using
+L<Session::Token>. To use your own function, set C<password_generator> in your
+configuration. See the L<SAMPLE CONFIGURATION> for an example.
+
If using C<login_page_handler> to replace the default login page, you can still
use the default password reset handlers. Add 2 controls to your form for
submitting a password reset request: a text input called username_reset for the
@@ -1050,6 +1054,7 @@ In your application's configuation file:
# Set to true to enable password reset code in the default handlers
reset_password_handler: 1
+ password_generator: My::App::random_pw # Optional random password generator
# Set to a true value to enable recording of successful last login times
record_lastlogin: 1
@@ -1218,6 +1223,10 @@ on_plugin_import {
}
};
+sub _default_password_generator {
+ Session::Token->new(length => 8)->get;
+}
+
# implementation of post login route
sub _post_login_route {
my $app = shift;
@@ -1235,7 +1244,11 @@ sub _post_login_route {
&& $app->request->param('confirm_reset')
&& $app->request->splat;
if ($code) {
- my $randompw = Session::Token->new(length => 8)->get;
+ my $_password_generator =
+ $settings->{password_generator}
+ || '_default_password_generator';
+ no strict 'refs';
+ my $randompw = &{$_password_generator};
if (user_password($app, code => $code, new_password => $randompw)) {
$app->forward($loginpage, { new_password => $randompw }, { method => 'GET' });
}