3 package Catalyst::Plugin::Authentication::Credential::Password;
9 use Catalyst::Exception ();
13 my ( $self, $c, $user, $password ) = @_;
14 $user = $c->get_user($user)
15 unless Scalar::Util::blessed($user)
16 and $user->isa("Catalyst:::Plugin::Authentication::User");
18 if ( $c->_check_password( $user, $password ) ) {
19 $c->set_authenticated($user);
28 my ( $c, $user, $password ) = @_;
30 if ( $user->supports(qw/password clear/) ) {
31 return $user->password eq $password;
33 elsif ( $user->supports(qw/password crypted/) ) {
34 my $crypted = $user->crypted_password;
35 return $crypted eq crypt( $password, $crypted );
37 elsif ( $user->supports(qw/password hashed/) ) {
38 my $d = Digest->new( $user->hash_algorithm );
39 $d->add( $user->password_pre_salt || '' );
41 $d->add( $user->password_post_salt || '' );
42 return $c->digest eq $user->hashed_password;
45 Catalyst::Exception->throw(
46 "The user object $user does not support any "
47 . "known password authentication mechanism." );
59 Catalyst:::Plugin::Authentication::Credential::Password - Authenticate a user
66 Authentication::Store::Foo
67 Authentication::Credential::Password
71 my ( $self, $c ) = @_;
73 $c->login( $c->req->param('login'), $c->req->param('password') );
78 This authentication credential checker takes a user and a password, and tries
79 various methods of comparing a password based on what the user supports:
83 =item clear text password
85 If the user has clear a clear text password it will be compared directly.
87 =item crypted password
89 If UNIX crypt hashed passwords are supported, they will be compared using
90 perl's builtin C<crypt> function.
94 If the user object supports hashed passwords, they will be used in conjunction
103 =item login $user, $password
105 Try to log a user in.
107 $user can be an ID or object. If it isa
108 L<Catalyst:::Plugin::Authentication::User> it will be used as is. Otherwise
109 C<< $c->get_user >> is used to retrieve it.
111 $password is a string.