Moved hash_password and made public.
The hash_password method needs to be public to allow the initial generation of user accounts.
This commit is contained in:
parent
ad8b679ce0
commit
cb1df80700
@ -119,6 +119,31 @@ sub authenticate {
|
||||
}
|
||||
|
||||
|
||||
## @method $ hash_password($password, $settings)
|
||||
# Generate a salted hash of the supplied password. This will create a 59 character
|
||||
# long string containing the hashed password and its salt suitable for storing in
|
||||
# the database. If the $settings string is not provided, one will be generated.
|
||||
# When creating accounts, $settings will be omitted unless the caller wants to
|
||||
# provide its own salting system. When checking passwords, password should be the
|
||||
# password being checked, and settings should be a hash string previously
|
||||
# generated by this function. The result of this function can then be compared to
|
||||
# the stored hash to determine whether the password is correct.
|
||||
#
|
||||
# @param password The plain-text password to check.
|
||||
# @param settings An optional settings string, leave undefined for new accounts,
|
||||
# set to a previously generated hash string when doing password
|
||||
# validity checking.
|
||||
# @return A bcrypt() generated, 59 character hash containing the settings string
|
||||
# and the hashed, salted password.
|
||||
sub hash_password {
|
||||
my $self = shift;
|
||||
my $password = shift;
|
||||
my $settings = shift || generate_settings($self -> {"bcrypt_cost"});
|
||||
|
||||
return bcrypt($password, $settings);
|
||||
}
|
||||
|
||||
|
||||
# ============================================================================
|
||||
# Ghastly internals
|
||||
|
||||
@ -163,29 +188,4 @@ sub generate_settings {
|
||||
return '$2$'.$cost.'$'.en_base64($buffer);
|
||||
}
|
||||
|
||||
|
||||
## @method private $ hash_password($password, $settings)
|
||||
# Generate a salted hash of the supplied password. This will create a 59 character
|
||||
# long string containing the hashed password and its salt suitable for storing in
|
||||
# the database. If the $settings string is not provided, one will be generated.
|
||||
# When creating accounts, $settings will be omitted unless the caller wants to
|
||||
# provide its own salting system. When checking passwords, password should be the
|
||||
# password being checked, and settings should be a hash string previously
|
||||
# generated by this function. The result of this function can then be compared to
|
||||
# the stored hash to determine whether the password is correct.
|
||||
#
|
||||
# @param password The plain-text password to check.
|
||||
# @param settings An optional settings string, leave undefined for new accounts,
|
||||
# set to a previously generated hash string when doing password
|
||||
# validity checking.
|
||||
# @return A bcrypt() generated, 59 character hash containing the settings string
|
||||
# and the hashed, salted password.
|
||||
sub hash_password {
|
||||
my $self = shift;
|
||||
my $password = shift;
|
||||
my $settings = shift || generate_settings($self -> {"bcrypt_cost"});
|
||||
|
||||
return bcrypt($password, $salt);
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user