File Coverage

blib/lib/Dancer2/Plugin/CryptPassphrase.pm

Criterion	Covered	Total	%
statement	15	15	100.0
branch			n/a
condition			n/a
subroutine	5	5	100.0
pod			n/a
total	20	20	100.0

line	stmt	sub	time	code
1				package Dancer2::Plugin::CryptPassphrase;
2	1	1	70275	use strict;
	1		3
	1		31
3	1	1	6	use warnings;
	1		3
	1		70
4
5				our $VERSION = '0.003';
6				$VERSION = eval $VERSION;
7
8	1	1	643	use Dancer2::Plugin;
	1		290455
	1		15
9	1	1	54068	use Crypt::Passphrase;
	1		30836
	1		67
10	1		26	use Types::Standard qw(
11				ArrayRef
12				HashRef
13				InstanceOf
14				Str
15	1	1	15	);
	1		2
16
17				# CONFIG
18
19				has encoder => (
20				is => 'ro',
21				isa => HashRef \| Str,
22				from_config => sub {'Argon2'},
23				);
24
25				has validators => (
26				is => 'ro',
27				isa => ArrayRef [ HashRef \| Str ],
28				from_config => sub { [] },
29				);
30
31				# KEYWORDS
32
33				has crypt_passphrase => (
34				is => 'ro',
35				isa => InstanceOf ['Crypt::Passphrase'],
36				lazy => 1,
37				default => sub {
38				my $plugin = shift;
39				return Crypt::Passphrase->new(
40				encoder => $plugin->encoder,
41				validators => $plugin->validators,
42				);
43				},
44				handles => {
45				hash_password => 'hash_password',
46				password_needs_rehash => 'needs_rehash',
47				verify_password => 'verify_password',
48				},
49				);
50
51				plugin_keywords qw(
52				crypt_passphrase
53				hash_password
54				password_needs_rehash
55				verify_password
56				);
57
58				1;
59
60				=head1 NAME
61
62				Dancer2::Plugin::CryptPassphrase - use Crypt::Passphrase with Dancer2
63
64				=head1 SYNOPSIS
65
66				package My::App;
67				use Dancer2;
68				use Dancer2::Plugin::CryptPassphrase;
69
70				post '/login' => sub {
71				my $username = body_parameters->get('username');
72				my $password = body_parameters->get('password');
73				my $hash = my_get_hash_function($username);
74
75				if ( verify_password( $password, $hash ) ) {
76				# login success
77
78				if ( password_needs_rehash($hash) ) {
79				# upgrade hash in storage
80				my_update_hash_function( $username, hash_password($password) );
81				}
82
83				# ... do stuff
84				}
85				else {
86				# login failed
87
88				# ... do stuff
89				}
90				};
91
92				=head1 DESCRIPTION
93
94				This plugin integrates L<Crypt::Passphrase> with your L<Dancer2> app,
95
96				=head1 KEYWORDS
97
98				=head2 crypt_passphrase
99
100				Returns the C<Crypt::Passphrase> instance.
101
102				=head2 hash_password $password
103
104				Returns a new hash for the given C<$password>.
105
106				See also L<Crypt::Password/hash_password>.
107
108				=head2 password_needs_rehash $hash
109
110				Returns a true value if C<$hash> should be upgraded to use the current
111				L</encoder>.
112
113				See also L<Crypt::Password/needs_rehash>.
114
115				=head2 verify_password $password, $hash
116
117				Returns a true value if the C<$password> matches the given C<$hash>,
118				otherwise returns a false value.
119
120				See also L<Crypt::Password/verify_password>.
121
122				=head1 CONFIGURATION
123
124				Example:
125
126				plugins:
127				CryptPassphrase:
128				encoder:
129				module: Argon2
130				parallelism: 2
131				validators:
132				- +My::Old::Passphrase::Module
133				- Bcrypt
134
135				Configuration options are used as the arguments for L<Crypt::Passphrase/new>,
136				as follows:
137
138				=head2 encoder
139
140				Default: C<Argon2> with defaults from L<Crypt::Passphrase::Argon2>.
141
142				This can be one of two different things:
143
144				=over
145
146				=item * A simple string
147
148				The name of the encoder class. If the value starts with a C<+>, the C<+> will
149				be removed and the remainder will be taken as a fully-qualified package name.
150				Otherwise, C<Crypt::Passphrase::> will be prepended to the value.
151
152				The class will be loaded, and constructed without arguments.
153
154				=item * A hash
155
156				The C<module> entry will be used to load a new L<Crypt::Passphrase> module as
157				described above, the other arguments will be passed to the constructor. This
158				is the recommended option, as it gives you full control over the password
159				parameters.
160
161				=back
162
163				B<NOTE:> If you wish to use an encoder other than C<Argon2>, then you
164				need to install the appropriate C<Crypt::Passphrase::> module.
165
166				=head2 validators
167
168				Defaults to an empty list.
169
170				This is a list of additional validators for passwords. These values can each
171				be the same an L/<encoder> value.
172
173				The L</encoder> is always considered as a validator and thus doesn't need to be
174				explicitly specified.
175
176				=head1 SEE ALSO
177
178				L<Crypt::Passphrase>, L<Crypt::Passphrase::Argon2>.
179
180				=head1 AUTHOR
181
182				Peter Mottram (SysPete) <peter@sysnix.com>
183
184				=head1 CONTRIBUTORS
185
186				Leon Timmermans <leont@cpan.org>
187
188				=head1 COPYRIGHT
189
190				Copyright (c) 2022 the Dancer2::Plugin::CryptPassphrase L</AUTHOR>
191				and L</CONTRIBUTORS> as listed above.
192
193				The initial L</CONFIGURATION> documentation was taken from L<Crypt::Passphrase>
194				which is copyright (c) 2021 by Leon Timmermans <leont@cpan.org>.
195
196				=head1 LICENSE
197
198				This is free software; you can redistribute it and/or modify it under
199				the same terms as the Perl 5 programming language system itself.