$d->add($password);
$d->add( $user->password_post_salt || '' );
- my $stored = $user->hashed_password;
- my $computed = $d->digest;
+ my $stored = $user->hashed_password;
+ my $computed = $d->clone()->digest;
+ my $b64computed = $d->clone()->b64digest;
return ( ( $computed eq $stored )
- || ( unpack( "H*", $computed ) eq $stored ) );
+ || ( unpack( "H*", $computed ) eq $stored )
+ || ( $b64computed eq $stored)
+ || ( $b64computed.'=' eq $stored) );
}
elsif ( $user->supports(qw/password salted_hash/) ) {
require Crypt::SaltedHash;
use Test::Exception;
use Digest::MD5 qw/md5/;
+ use Digest::SHA1 qw/sha1_base64/;
our $users;
is( $c->user, $users->{gorch}, "user object is in proper place");
$c->logout;
+ ok($c->login("shabaz", "s3cr3t"), "can login with base64 hashed");
+ is( $c->user, $users->{shabaz}, "user object is in proper place");
+ $c->logout;
+
+ ok($c->login("sadeek", "s3cr3t"), "can login with padded base64 hashed");
+ is( $c->user, $users->{sadeek}, "user object is in proper place");
+ $c->logout;
+
ok(!$c->login( "bar", "bad pass" ), "can't login with bad password");
ok(!$c->user, "no user");
hashed_password => md5("s3cr3t"),
hash_algorithm => "MD5",
},
+ shabaz => {
+ hashed_password => sha1_base64("s3cr3t"),
+ hash_algorithm => "SHA-1"
+ },
+ sadeek => {
+ hashed_password => sha1_base64("s3cr3t").'=',
+ hash_algorithm => "SHA-1"
+ },
baz => {},
};