
NAME

Koha::AuthUtils - utility routines for authentication

SYNOPSIS

    use Koha::AuthUtils qw/hash_password/;
    my $hash = hash_password($password);

DESCRIPTION

This module provides utility functions related to managing user passwords.

FUNCTIONS

hash_password

    my $hash = Koha::AuthUtils::hash_password($password, $settings);

Hash $password using Bcrypt. Accepts an extra $settings parameter for salt. If $settings is not passed, a new salt is generated.

WARNING: If this method implementation is changed in the future, as of bug 28772 there's at least one DBRev that uses this code and should be taken care of.

generate_salt

    my $salt = Koha::AuthUtils::generate_salt($strength, $length);

strength

For general password salting, a $strength of weak is recommended. For generating a server salt, a $strength of strong is recommended.

'strong' uses /dev/random which may block until sufficient entropy is achieved. 'weak' uses /dev/urandom and is non-blocking.

length

$length is a positive integer which specifies the desired length of the returned string
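
Added example, not part of Koha's own code: a sketch of the salt-in-settings pattern described for hash_password and generate_salt, written directly against Crypt::Eksblowfish::Bcrypt. The example_* function names, the cost factor 08 and the sample passwords are assumptions made for this illustration.

```perl
use strict;
use warnings;
use Encode qw(encode);
use Crypt::Eksblowfish::Bcrypt qw(bcrypt en_base64);

# Read $length raw bytes from the non-blocking source ('weak' above).
sub example_salt {
    my ($length) = @_;
    open my $fh, '<:raw', '/dev/urandom' or die "cannot open /dev/urandom: $!";
    my $got = read $fh, my $salt, $length;
    close $fh;
    die "short read from /dev/urandom" unless defined $got && $got == $length;
    return $salt;
}

# Hash with a fresh salt, or re-hash with the salt carried in $settings.
sub example_hash_password {
    my ($password, $settings) = @_;
    # Assumed cost factor 08; bcrypt expects a 16-byte salt as 22 base64 digits.
    $settings //= '$2a$08$' . en_base64(example_salt(16));
    # bcrypt works on octets, so encode character strings first.
    return bcrypt(encode('UTF-8', $password), $settings);
}

# Verify by passing the stored hash as $settings: bcrypt reads the cost and
# salt from its prefix and ignores the rest.
sub example_check_password {
    my ($candidate, $stored_hash) = @_;
    return example_hash_password($candidate, $stored_hash) eq $stored_hash;
}

# Constructed sample input.
my $stored = example_hash_password('correct horse');
my $other  = example_hash_password('correct horse');

printf "same password, new salt, different hash: %s\n",
    $stored ne $other ? 'yes' : 'no';
printf "correct password verifies: %s\n",
    example_check_password('correct horse', $stored) ? 'yes' : 'no';
printf "wrong password verifies:   %s\n",
    example_check_password('wrong horse', $stored) ? 'yes' : 'no';
```

Because the salt and cost travel inside the stored hash, only the hash column has to be kept to verify a password later.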

is_password_valid

    my ( $is_valid, $error ) = is_password_valid( $password, $category );

Returns $is_valid == 1 if the password matches the category's minimum password length and strength, if provided, or the general minPasswordLength and RequireStrongPassword conditions. Otherwise returns $is_valid == 0, and $error will contain the error ('too_short' or 'too_weak').

generate_password

    my $password = generate_password($category);

Generate a password according to category's minimum password length and strength if provided, or to the minPasswordLength and RequireStrongPassword system preferences.

get_script_name

This returns the correct script name, for use in redirecting back to the correct page after showing the login screen. It depends on details of the package Plack configuration, and should not be used outside this context.

SEE ALSO

Crypt::Eksblowfish::Bcrypt(3)
