Rechercher une page de manuel
Catalyst::Plugin::Authentication::Credential::Password.3pm
Langue: en
Version: 2006-08-01 (mandriva - 01/05/08)
Section: 3 (Bibliothèques de fonctions)
NAME
Catalyst::Plugin::Authentication::Credential::Password - Authenticate a user with a password.SYNOPSIS
use Catalyst qw/ Authentication Authentication::Store::Foo Authentication::Credential::Password /; package MyApp::Controller::Auth; # *** NOTE *** # if you place an action named 'login' in your application's root (as # opposed to inside a controller) the following snippet will recurse, # giving you lots of grief. # never name actions in the root controller after plugin methods - use # controllers and : Global instead. sub login : Local { my ( $self, $c ) = @_; $c->login( $c->req->param('username'), $c->req->param('password') ); }
DESCRIPTION
This authentication credential checker takes a username (or userid) and a password, and tries various methods of comparing a password based on what the chosen store's user objects support:- clear text password
- If the user has clear a clear text password it will be compared directly.
- crypted password
- If UNIX crypt hashed passwords are supported, they will be compared using perl's builtin "crypt" function.
- hashed password
- If the user object supports hashed passwords, they will be used in conjunction with Digest.
METHODS
- login $username, $password
- Try to log a user in.
$username can be a string (e.g. retrieved from a form) or an object. If the object is a Catalyst::Plugin::Authentication::User it will be used as is. Otherwise "$c->get_user" is used to retrieve it.
$password is a string.
If $username or $password are not provided, the query parameters "login", "user", "username" and "password", "passwd", "pass" will be tried instead.
RELATED USAGE
After the user is logged in, the user object for the current logged in user can be retrieved from the context using the "$c->user" method.The current user can be logged out again by calling the "$c->logout" method.
SUPPORTING THIS PLUGIN
For a User class to support credential verification using this plugin, it needs to indicate what sort of password a given user supports by implementing the "supported_features" method in one or many of the following ways:Clear Text Passwords
Predicate:
$user->supported_features(qw/password clear/);
Expected methods:
- password
- Returns the user's clear text password as a string to be compared with "eq".
Crypted Passwords
Predicate:
$user->supported_features(qw/password crypted/);
Expected methods:
- crypted_password
- Return's the user's crypted password as a string, with the salt as the first two chars.
Hashed Passwords
Predicate:
$user->supported_features(qw/password hashed/);
Expected methods:
- hashed_password
- Return's the hash of the user's password as binary.
- hash_algorithm
- Returns a string suitable for feeding into ``new'' in Digest.
- password_pre_salt
- password_post_salt
- Returns a string to be hashed before/after the user's password. Typically only a pre-salt is used.
Crypt::SaltedHash Passwords
Predicate:
$user->supported_features(qw/password salted_hash/);
Expected methods:
- hashed_password
- Returns the hash of the user's password as returned from Crypt-SaltedHash->generate.
Optional methods:
- password_salt_len
- Returns the length of salt used to generate the salted hash.
Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre