יובל קוג'מן (Yuval Kogman) > Catalyst-Plugin-Authentication-0.09 > Catalyst::Plugin::Authentication::Credential::Password

Download:
Catalyst-Plugin-Authentication-0.09.tar.gz

Dependencies

Annotate this POD (1)

CPAN RT

New  4
Open  5
View/Report Bugs
Source   Latest Release: Catalyst-Plugin-Authentication-0.10023

NAME ^

Catalyst::Plugin::Authentication::Credential::Password - Authenticate a user with a password.

SYNOPSIS ^

    use Catalyst qw/
      Authentication
      Authentication::Store::Foo
      Authentication::Credential::Password
      /;

    package MyApp::Controller::Auth;

    # *** NOTE ***
    # if you place an action named 'login' in your application's root (as
    # opposed to inside a controller) the following snippet will recurse,
    # giving you lots of grief.
    # never name actions in the root controller after plugin methods - use
    # controllers and : Global instead.

    sub login : Local {
        my ( $self, $c ) = @_;

        $c->login( $c->req->param('username'), $c->req->param('password') );
    }

DESCRIPTION ^

This authentication credential checker takes a username (or userid) and a password, and tries various methods of comparing a password based on what the chosen store's user objects support:

clear text password

If the user has clear a clear text password it will be compared directly.

crypted password

If UNIX crypt hashed passwords are supported, they will be compared using perl's builtin crypt function.

hashed password

If the user object supports hashed passwords, they will be used in conjunction with Digest.

METHODS ^

login $username, $password

Try to log a user in.

$username can be a string (e.g. retrieved from a form) or an object. If the object is a Catalyst::Plugin::Authentication::User it will be used as is. Otherwise $c->get_user is used to retrieve it.

$password is a string.

If $username or $password are not provided, the query parameters login, user, username and password, passwd, pass will be tried instead.

RELATED USAGE ^

After the user is logged in, the user object for the current logged in user can be retrieved from the context using the $c->user method.

The current user can be logged out again by calling the $c->logout method.

SUPPORTING THIS PLUGIN ^

For a User class to support credential verification using this plugin, it needs to indicate what sort of password a given user supports by implementing the supported_features method in one or many of the following ways:

Clear Text Passwords

Predicate:

        $user->supported_features(qw/password clear/);

Expected methods:

password

Returns the user's clear text password as a string to be compared with eq.

Crypted Passwords

Predicate:

        $user->supported_features(qw/password crypted/);

Expected methods:

crypted_password

Return's the user's crypted password as a string, with the salt as the first two chars.

Hashed Passwords

Predicate:

        $user->supported_features(qw/password hashed/);

Expected methods:

hashed_password

Return's the hash of the user's password as binary.

hash_algorithm

Returns a string suitable for feeding into "new" in Digest.

password_pre_salt
password_post_salt

Returns a string to be hashed before/after the user's password. Typically only a pre-salt is used.

Crypt::SaltedHash Passwords

Predicate:

        $user->supported_features(qw/password salted_hash/);

Expected methods:

hashed_password

Returns the hash of the user's password as returned from Crypt-SaltedHash->generate.

Optional methods:

password_salt_len

Returns the length of salt used to generate the salted hash.

syntax highlighting: