Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help

       Catalyst::Authentication::Credential::Password -	Authenticate a user
       with a password.

	   use Catalyst	qw/

	   package MyApp::Controller::Auth;

	   sub login : Local {
	       my ( $self, $c )	= @_;

	       $c->authenticate( { username => $c->req->param('username'),
				   password => $c->req->param('password') });

       This authentication credential checker takes authentication information
       (most often a username) and a password, and attempts to validate	the
       password	provided against the user retrieved from the store.

	   # example
	   __PACKAGE__->config('Plugin::Authentication'	=>
			   default_realm => 'members',
			   realms => {
			       members => {

				   credential => {
				       class =>	'Password',
				       password_field => 'password',
				       password_type =>	'hashed',
				       password_hash_type => 'SHA-1'

       The password module is capable of working with several different
       password	encryption/hashing algorithms. The one the module uses is
       determined by the credential configuration.

       Those who have used Catalyst::Plugin::Authentication prior to the 0.10
       release should note that	the password field and type information	is no
       longer part of the store	configuration and is now part of the Password
       credential configuration.

	   The classname used for Credential. This is part of
	   Catalyst::Plugin::Authentication and	is the method by which
	   Catalyst::Authentication::Credential::Password is loaded as the
	   credential validator. For this module to be used, this must be set
	   to 'Password'.

	   The field in	the user object	that contains the password. This will
	   vary	depending on the storage class used, but is most likely
	   something like 'password'. In fact, this is so common that if this
	   is left out of the config, it defaults to 'password'. This field is
	   obtained from the user object using the get() method. Essentially:
	   $user->get('passwordfieldname'); NOTE If the	password_field is
	   something other than	'password', you	must be	sure to	use that same
	   field name when calling $c->authenticate().

	   This	sets the password type.	 Often passwords are stored in crypted
	   or hashed formats.  In order	for the	password module	to verify the
	   plaintext password passed in, it must be told what format the
	   password will be in when it is retreived from the user object. The
	   supported options are:

	   none	   No password check is	done. An attempt is made to retrieve
		   the user based on the information provided in the
		   $c->authenticate() call. If a user is found,	authentication
		   is considered to be successful.

	   clear   The password	in user	is in clear text and will be compared

		   This	option indicates that the password should be passed to
		   the check_password()	routine	on the user object returned
		   from	the store.

	   crypted The password	in user	is in UNIX crypt hashed	format.

		   The password	in user	is in salted hash format, and will be
		   validated using Crypt::SaltedHash.  If this password	type
		   is selected,	you should also	provide	the password_salt_len
		   config element to define the	salt length.

	   hashed  If the user object supports hashed passwords, they will be
		   used	in conjunction with Digest. The	following config
		   elements affect the hashed configuration:

			   The hash type used, passed directly to "new"	in

			   Any pre-salt	data to	be passed to "add" in Digest
			   before processing the password.

			   Any post-salt data to be passed to "add" in Digest
			   after processing the	password.

       The Password credential module is very simple to	use. Once configured
       as indicated above, authenticating using	this module is simply a	matter
       of calling $c->authenticate() with an authinfo hashref that includes
       the password element. The password element should contain the password
       supplied	by the user to be authenticated, in clear text.	The other
       information supplied in the auth	hash is	ignored	by the Password
       module, and simply passed to the	auth store to be used to retrieve the
       user. An	example	call follows:

	   if ($c->authenticate({ username => $username,
				  password => $password} )) {
	       # authentication	successful
	   } else {
	       # authentication	failed

       There are no publicly exported routines in the Password module (or
       indeed in most credential modules.)  However, below is a	description of
       the routines required by	Catalyst::Plugin::Authentication for all
       credential modules.

   new(	$config, $app, $realm )
       Instantiate a new Password object using the configuration hash provided
       in $config. A reference to the application is provided as the second
       argument.  Note to credential module authors: new() is called during
       the application's plugin	setup phase, which is before the application
       specific	controllers are	loaded.	The practical upshot of	this is	that
       things like $c->model(...) will not function as expected.

   authenticate( $authinfo, $c )
       Try to log a user in, receives a	hashref	containing authentication
       information as the first	argument, and the current context as the

   check_password( )
perl v5.24.1		     Catalyst::Authentication::Credential::Password(3)


Want to link to this manual page? Use this URL:

home | help