Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Re: Perl Catalyst

by Your Mother (Bishop)
on Oct 10, 2018 at 17:37 UTC ( #1223810=note: print w/replies, xml ) Need Help??


in reply to Perl Catalyst

You seem to be configuring the DB column wrongly, at least, for DBIC. Try following this doc and ensuring you have the module installed: DBIx::Class::EncodedColumn::Crypt::PBKDF2. If that doesn't work, let us know and I'll try to dig deeper. Snippet from it–

__PACKAGE__->add_columns( 'password' => { data_type => 'text', encode_column => 1, encode_class => 'Crypt::PBKDF2', encode_args => { hash_class => 'HMACSHA1', iterations => 1000 }, encode_check_method => 'check_password', } )

Replies are listed 'Best First'.
Re^2: Perl Catalyst
by akuk (Sexton) on Oct 10, 2018 at 18:14 UTC

    Thanks for this information.

    App File, Authentication settings

    'Plugin::Authentication' => { default_realm => 'members', members => { credential => { class => 'Password', password_field => 'password', password_type => 'self_check' }, store => { class => 'DBIx::Class', user_model => 'DB::User', } } },

    modified add_columns in the User

    __PACKAGE__->add_columns( 'password' => { data_type => 'varchar', encode_column => 1, encode_class => 'Crypt::PBKDF2', encode_args => { hash_class => 'HMACSHA2', hash_args => { sha_size => 512, }, iterations => 10000, salt_len => 10, }, encode_check_method => 'check_password', } );

    data type of password field is varchar type, hence the varchar is used in the above code.

    To my surprise, when I changed the password of the user through a script, it is not encrypting the password field

    .
    #!/usr/bin/perl use strict; use warnings; use MyApp::Schema; my $schema = MyApp::Schema->connect('dbi:mysql:database', 'root', ''); my @users = $schema->resultset('User')->all; # Just traversing the User foreach my $user (@users) { if ($user->email eq 'xyz') { $user->password('password'); $user->update; } }

    when I checked the database, it stores the password in the clear text whereas it should save it in the encrypted format.

      Finally, I figured it out, how to authenticate using Crypt::PBKDF2

      Just in case anyone else stuck in this loop. Here is the way

      # In App.pm 'Plugin::Authentication' => { default_realm => 'members', members => { credential => { class => 'Password', password_field => 'password', password_type => 'self_check' }, store => { class => 'DBIx::Class', user_model => 'DB::User', } } },

      And now the DB::User file

      __PACKAGE__->load_components("InflateColumn::DateTime", "TimeStam +p", "EncodedColumn"); # Pay special attention to EncodedColumn, I was using passphrase colum +n there. That my silly mistake and it cost me hours # and now add_columns __PACKAGE__->add_columns( 'password' => { data_type => 'text', encode_column => 1, encode_class => 'Crypt::PBKDF2', encode_args => { hash_class => 'HMACSHA2', hash_args => { sha_size => 512, }, iterations => 10000, salt_len => 10, }, encode_check_method => 'check_password', } );

      And this works for me. Thanks for the assistance "@Your Mother"

        Thank you for digging the answer out. I was going to try later tonight so you saved me, and future seekers, the trouble. :P

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1223810]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (5)
As of 2019-11-18 20:16 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Strict and warnings: which comes first?



    Results (92 votes). Check out past polls.

    Notices?