3 package Catalyst::Plugin::Authentication::Credential::Password;
9 use Catalyst::Exception ();
13 my ( $c, $user, $password ) = @_;
14 $user = $c->get_user($user)
15 unless Scalar::Util::blessed($user)
16 and $user->isa("Catalyst:::Plugin::Authentication::User");
18 if ( $c->_check_password( $user, $password ) ) {
19 $c->set_authenticated($user);
28 my ( $c, $user, $password ) = @_;
30 if ( $user->supports(qw/password clear/) ) {
31 return $user->password eq $password;
33 elsif ( $user->supports(qw/password crypted/) ) {
34 my $crypted = $user->crypted_password;
35 return $crypted eq crypt( $password, $crypted );
37 elsif ( $user->supports(qw/password hashed/) ) {
38 my $d = Digest->new( $user->hash_algorithm );
39 $d->add( $user->password_pre_salt || '' );
41 $d->add( $user->password_post_salt || '' );
42 return $d->digest eq $user->hashed_password;
44 elsif ( $user->supports(qw/password self_check/) ) {
45 # while somewhat silly, this is to prevent code duplication
46 return $c->user->check_password( $password );
49 Catalyst::Exception->throw(
50 "The user object $user does not support any "
51 . "known password authentication mechanism." );
63 Catalyst:::Plugin::Authentication::Credential::Password - Authenticate a user
70 Authentication::Store::Foo
71 Authentication::Credential::Password
75 my ( $self, $c ) = @_;
77 $c->login( $c->req->param('login'), $c->req->param('password') );
82 This authentication credential checker takes a user and a password, and tries
83 various methods of comparing a password based on what the user supports:
87 =item clear text password
89 If the user has clear a clear text password it will be compared directly.
91 =item crypted password
93 If UNIX crypt hashed passwords are supported, they will be compared using
94 perl's builtin C<crypt> function.
98 If the user object supports hashed passwords, they will be used in conjunction
107 =item login $user, $password
109 Try to log a user in.
111 $user can be an ID or object. If it isa
112 L<Catalyst:::Plugin::Authentication::User> it will be used as is. Otherwise
113 C<< $c->get_user >> is used to retrieve it.
115 $password is a string.
119 =head1 SUPPORTING THIS PLUGIN
121 =head2 Clear Text Passwords
125 $user->supports(qw/password clear/);
133 Returns the user's clear text password as a string to be compared with C<eq>.
137 =head2 Crypted Passwords
141 $user->supports(qw/password crypted/);
147 =item crypted_password
149 Return's the user's crypted password as a string, with the salt as the first two chars.
153 =head2 Hashed Passwords
157 $user->supports(qw/password hashed/);
163 =item hashed_passwords
165 Return's the hash of the user's password as B<binary>.
169 Returns a string suitable for feeding into L<Digest/new>.
171 =item password_pre_salt
173 =item password_post_salt
175 Returns a string to be hashed before/after the user's password. Typically only