Catalyst::Plugin::Authentication::Credential::Password.3pm

Langue: en

Version: 2006-08-01 (mandriva - 01/05/08)

Section: 3 (Bibliothèques de fonctions)

NAME

Catalyst::Plugin::Authentication::Credential::Password - Authenticate a user with a password.

SYNOPSIS

     use Catalyst qw/
       Authentication
       Authentication::Store::Foo
       Authentication::Credential::Password
       /;
 
     package MyApp::Controller::Auth;
 
     # *** NOTE ***
     # if you place an action named 'login' in your application's root (as
     # opposed to inside a controller) the following snippet will recurse,
     # giving you lots of grief.
     # never name actions in the root controller after plugin methods - use
     # controllers and : Global instead.
 
     sub login : Local {
         my ( $self, $c ) = @_;
 
         $c->login( $c->req->param('username'), $c->req->param('password') );
     }
 
 

DESCRIPTION

This authentication credential checker takes a username (or userid) and a password, and tries various methods of comparing a password based on what the chosen store's user objects support:
clear text password
If the user has clear a clear text password it will be compared directly.
crypted password
If UNIX crypt hashed passwords are supported, they will be compared using perl's builtin "crypt" function.
hashed password
If the user object supports hashed passwords, they will be used in conjunction with Digest.

METHODS

login $username, $password
Try to log a user in.

$username can be a string (e.g. retrieved from a form) or an object. If the object is a Catalyst::Plugin::Authentication::User it will be used as is. Otherwise "$c->get_user" is used to retrieve it.

$password is a string.

If $username or $password are not provided, the query parameters "login", "user", "username" and "password", "passwd", "pass" will be tried instead.

After the user is logged in, the user object for the current logged in user can be retrieved from the context using the "$c->user" method.

The current user can be logged out again by calling the "$c->logout" method.

SUPPORTING THIS PLUGIN

For a User class to support credential verification using this plugin, it needs to indicate what sort of password a given user supports by implementing the "supported_features" method in one or many of the following ways:

Clear Text Passwords

Predicate:

         $user->supported_features(qw/password clear/);
 
 

Expected methods:

password
Returns the user's clear text password as a string to be compared with "eq".

Crypted Passwords

Predicate:

         $user->supported_features(qw/password crypted/);
 
 

Expected methods:

crypted_password
Return's the user's crypted password as a string, with the salt as the first two chars.

Hashed Passwords

Predicate:

         $user->supported_features(qw/password hashed/);
 
 

Expected methods:

hashed_password
Return's the hash of the user's password as binary.
hash_algorithm
Returns a string suitable for feeding into ``new'' in Digest.
password_pre_salt
password_post_salt
Returns a string to be hashed before/after the user's password. Typically only a pre-salt is used.

Crypt::SaltedHash Passwords

Predicate:

         $user->supported_features(qw/password salted_hash/);
 
 

Expected methods:

hashed_password
Returns the hash of the user's password as returned from Crypt-SaltedHash->generate.

Optional methods:

password_salt_len
Returns the length of salt used to generate the salted hash.