1 package Apache2
::Authen
::Passphrase
0.001;
6 use parent qw
/Exporter/;
9 USER_REGEX
=> qr/^\w{2,20}$/pa,
10 PASSPHRASE_VERSION
=> 1,
11 INVALID_USER
=> "invalid-user\n",
12 BAD_PASSWORD
=> "bad-password\n",
15 use Apache2
::RequestRec
;
17 use Apache2
::Const qw
/OK HTTP_UNAUTHORIZED/;
18 use Authen
::Passphrase
;
19 use Authen
::Passphrase
::BlowfishCrypt
;
20 use YAML
::Any qw
/LoadFile DumpFile/;
22 our @EXPORT_OK = qw
/pwset pwcheck pwhash USER_REGEX PASSPHRASE_VERSION INVALID_USER BAD_PASSWORD/;
24 ##################################################
31 my $ppr=Authen
::Passphrase
::BlowfishCrypt
->new(
43 my $file = "$rootdir/us/$user.yml";
44 my $conf = eval { LoadFile
$file } // undef;
45 $conf->{passphrase
}=pwhash
$pass;
46 $conf->{passphrase_version
}=PASSPHRASE_VERSION
;
47 DumpFile
$file, $conf;
54 die INVALID_USER
unless $user =~ USER_REGEX
;
55 $user=${^MATCH
};# Make taint shut up
56 my $conf=LoadFile
"$rootdir/us/$user.yml";
58 die BAD_PASSWORD
unless keys $conf;# Empty hash means no such user
59 die BAD_PASSWORD
unless Authen
::Passphrase
->from_rfc2307($conf->{passphrase
})->match($pass);
60 pwset
$user, $pass if $conf->{passphrase_version
} < PASSPHRASE_VERSION
66 my ($rc, $pass) = $r->get_basic_auth_pw;
67 return $rc unless $rc == OK
;
70 unless (eval { pwcheck
$user, $pass; 1 }) {
71 $r->note_basic_auth_failure;
72 return HTTP_UNAUTHORIZED
83 Apache2::Authen::Passphrase - basic authentication with Authen::Passphrase
87 use Apache2::Authen::Passphrase qw/pwcheck pwset pwhash/;
88 my $hash = pwhash $username, $password;
89 pwset $username, "pass123";
90 eval { pwcheck $username, "pass123" };
94 PerlAuthenHandler Apache2::Authen::Passphrase
101 Apache2::Authen::Passphrase is a perl module which provides easy-to-use Apache2 authentication. It exports some utility functions and it contains a PerlAuthenHandler.
109 Takes the password as a single argument and returns the password hash.
111 =item B<pwset>(I<$username>, I<$password>)
113 Sets the password of $username to $password.
115 =item B<pwcheck>(I<$username>, I<$password>)
117 Checks the given username and password, throwing an exception if the username is invalid or the password is incorrect.
121 The PerlAuthenHandler for use in apache2. It uses Basic Access Authentication.
125 A regex that matches valid usernames. Usernames must be at least 2 characters, at most 20 characters, and they may only contain word characters (C<[A-Za-z0-9_]>).
127 =item B<INVALID_USER>
129 Exception thrown if the username does not match C<USER_REGEX>.
131 =item B<BAD_PASSWORD>
133 Exception thrown if the password is different from the one stored in the user's yml file.
135 =item B<PASSPHRASE_VERSION>
137 The version of the passphrase. It is incremented each time the passphrase hashing scheme is changed. Versions so far:
141 =item Version 1 B<(current)>
143 Uses C<Authen::Passphrase::BlowfishCrypt> with a cost factor of 10
151 Marius Gavrilescu, E<lt>marius@ieval.roE<gt>
153 =head1 COPYRIGHT AND LICENSE
155 Copyright (C) 2013 by Marius Gavrilescu
157 This library is free software; you can redistribute it and/or modify
158 it under the same terms as Perl itself, either Perl version 5.14.2 or,
159 at your option, any later version of Perl 5 you may have available.
This page took 0.028818 seconds and 4 git commands to generate.