in reply to How to use salt with CGI::Application::Plugin::Authentication
I've never seen anyone store salts in a separate table - that's pretty weird. The salt is normally appended to the password, and the two stored together in the same table column.
So, what you would normally see looks more like this:
__PACKAGE__->authen->config( DRIVER => [ 'DBI', DBH => $dbh, # provide your own DBI handle TABLE => 'user', CONSTRAINTS => { 'user.name' => '__CREDENTIAL_1__' } COLUMNS => { 'crypt:password' => '__CREDENTIAL_2__' }, ], );
Note that there's only one table, so there's no need for a join, but since the password is encoded, you need a 'COLUMNS' field.
But what you really want is MD5 encryption. To do that, you need to write a custom filter using Crypt::PasswdMD5, call it cryptmd5, then use it like this:
__PACKAGE__->authen->config( DRIVER => [ 'DBI', DBH => $dbh, # provide your own DBI handle TABLE => 'user', CONSTRAINTS => { 'user.name' => '__CREDENTIAL_1__' } COLUMNS => { 'cryptmd5:password' => '__CREDENTIAL_2__' }, FILTERS => { cryptmd5 => \&cryptmd5_filter }, ], );
Implement cryptmd5_filter just like crypt_filter (see the CGI::Application::Plugin::Authentication::Driver::Filter::crypt source), only replace crypt() with unix_md5_crypt(). I think that will do what you want.