<<

NAME

Koha::AuthUtils - utility routines for authentication

SYNOPSIS

    use Koha::AuthUtils qw/hash_password/;
    my $hash = hash_password($password);

DESCRIPTION

This module provides utility functions related to managing user passwords.

FUNCTIONS

hash_password

    my $hash = Koha::AuthUtils::hash_password($password, $settings);

generate_salt

    my $salt = Koha::Auth::generate_salt($strength, $length);
strength

For general password salting a $strength of weak is recommend, For generating a server-salt a $strength of strong is recommended

'strong' uses /dev/random which may block until sufficient entropy is acheived. 'weak' uses /dev/urandom and is non-blocking.

length

$length is a positive integer which specifies the desired length of the returned string

is_password_valid

my ( $is_valid, $error ) = is_password_valid( $password );

return $is_valid == 1 if the password match minPasswordLength and RequireStrongPassword conditions otherwise return $is_valid == 0 and $error will contain the error ('too_short' or 'too_weak')

generate_password

my password = generate_password();

Generate a password according to the minPasswordLength and RequireStrongPassword.

get_script_name

This returns the correct script name, for use in redirecting back to the correct page after showing the login screen. It depends on details of the package Plack configuration, and should not be used outside this context.

SEE ALSO

Crypt::Eksblowfish::Bcrypt(3)

<<