1Catalyst::AuthenticatioUns:e:rCrCeodnCetanrttiaiblauylts:et:d:P:aPAseusrtwlhoerDndot(ci3uc)maetnitoant:i:oCnredential::Password(3)
2
3
4
6 Catalyst::Authentication::Credential::Password - Authenticate a user
7 with a password.
8
10 use Catalyst qw/
11 Authentication
12 /;
13
14 package MyApp::Controller::Auth;
15
16 sub login : Local {
17 my ( $self, $c ) = @_;
18
19 $c->authenticate( { username => $c->req->param('username'),
20 password => $c->req->param('password') });
21 }
22
24 This authentication credential checker takes authentication information
25 (most often a username) and a password, and attempts to validate the
26 password provided against the user retrieved from the store.
27
29 # example
30 __PACKAGE__->config('Plugin::Authentication' =>
31 {
32 default_realm => 'members',
33 realms => {
34 members => {
35
36 credential => {
37 class => 'Password',
38 password_field => 'password',
39 password_type => 'hashed',
40 password_hash_type => 'SHA-1'
41 },
42 ...
43
44 The password module is capable of working with several different
45 password encryption/hashing algorithms. The one the module uses is
46 determined by the credential configuration.
47
48 Those who have used Catalyst::Plugin::Authentication prior to the 0.10
49 release should note that the password field and type information is no
50 longer part of the store configuration and is now part of the Password
51 credential configuration.
52
53 class
54 The classname used for Credential. This is part of
55 Catalyst::Plugin::Authentication and is the method by which
56 Catalyst::Authentication::Credential::Password is loaded as the
57 credential validator. For this module to be used, this must be set
58 to 'Password'.
59
60 password_field
61 The field in the user object that contains the password. This will
62 vary depending on the storage class used, but is most likely
63 something like 'password'. In fact, this is so common that if this
64 is left out of the config, it defaults to 'password'. This field is
65 obtained from the user object using the get() method. Essentially:
66 $user->get('passwordfieldname'); NOTE If the password_field is
67 something other than 'password', you must be sure to use that same
68 field name when calling $c->authenticate().
69
70 password_type
71 This sets the password type. Often passwords are stored in crypted
72 or hashed formats. In order for the password module to verify the
73 plaintext password passed in, it must be told what format the
74 password will be in when it is retreived from the user object. The
75 supported options are:
76
77 none No password check is done. An attempt is made to retrieve
78 the user based on the information provided in the
79 $c->authenticate() call. If a user is found, authentication
80 is considered to be successful.
81
82 clear The password in user is in clear text and will be compared
83 directly.
84
85 self_check
86 This option indicates that the password should be passed to
87 the check_password() routine on the user object returned
88 from the store.
89
90 crypted The password in user is in UNIX crypt hashed format.
91
92 salted_hash
93 The password in user is in salted hash format, and will be
94 validated using Crypt::SaltedHash. If this password type
95 is selected, you should also provide the password_salt_len
96 config element to define the salt length.
97
98 hashed If the user object supports hashed passwords, they will be
99 used in conjunction with Digest. The following config
100 elements affect the hashed configuration:
101
102 password_hash_type
103 The hash type used, passed directly to "new" in
104 Digest.
105
106 password_pre_salt
107 Any pre-salt data to be passed to "add" in Digest
108 before processing the password.
109
110 password_post_salt
111 Any post-salt data to be passed to "add" in Digest
112 after processing the password.
113
115 The Password credential module is very simple to use. Once configured
116 as indicated above, authenticating using this module is simply a matter
117 of calling $c->authenticate() with an authinfo hashref that includes
118 the password element. The password element should contain the password
119 supplied by the user to be authenticated, in clear text. The other
120 information supplied in the auth hash is ignored by the Password
121 module, and simply passed to the auth store to be used to retrieve the
122 user. An example call follows:
123
124 if ($c->authenticate({ username => $username,
125 password => $password} )) {
126 # authentication successful
127 } else {
128 # authentication failed
129 }
130
132 There are no publicly exported routines in the Password module (or
133 indeed in most credential modules.) However, below is a description of
134 the routines required by Catalyst::Plugin::Authentication for all
135 credential modules.
136
137 new( $config, $app, $realm )
138 Instantiate a new Password object using the configuration hash provided
139 in $config. A reference to the application is provided as the second
140 argument. Note to credential module authors: new() is called during
141 the application's plugin setup phase, which is before the application
142 specific controllers are loaded. The practical upshot of this is that
143 things like $c->model(...) will not function as expected.
144
145 authenticate( $authinfo, $c )
146 Try to log a user in, receives a hashref containing authentication
147 information as the first argument, and the current context as the
148 second.
149
150 check_password( )
151perl v5.28.1 Catal2y0s1t2:-:0A6u-t3h0entication::Credential::Password(3)