From b986852c6499cd91dce2a6f8305918c08f1e76e0 Mon Sep 17 00:00:00 2001
From: Michael Snoyman
Date: Thu, 30 Jun 2011 17:10:04 +0300
Subject: [PATCH] Use pwstore for email auth
---
 Yesod/Auth/Email.hs | 17 ++++++++++++-----
 yesod-auth.cabal | 3 ++-
 2 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/Yesod/Auth/Email.hs b/Yesod/Auth/Email.hs
index 797a0510..9f7beb96 100644
--- a/Yesod/Auth/Email.hs
+++ b/Yesod/Auth/Email.hs
@@ -26,6 +26,8 @@ import qualified Data.Text.Lazy as T
 import qualified Data.Text as TS
 import Data.Text.Lazy.Encoding (encodeUtf8)
 import Data.Text (Text)
+import qualified Crypto.PasswordStore as PS
+import qualified Data.Text.Encoding as DTE
 import Yesod.Form
 import Yesod.Handler
@@ -251,10 +253,9 @@ saltLength = 5
 -- | Salt a password with a randomly generated salt.
 saltPass :: Text -> IO Text
-saltPass pass = do
- stdgen <- newStdGen
- let salt = take saltLength $ randomRs ('A', 'Z') stdgen
- return $ TS.pack $ saltPass' salt $ TS.unpack pass
+saltPass = fmap DTE.decodeUtf8
+ . flip PS.makePassword 12
+ . DTE.encodeUtf8
 saltPass' :: String -> String -> String
 saltPass' salt pass =
@@ -265,7 +266,13 @@ saltPass' salt pass =
 isValidPass :: Text -- ^ cleartext password
 -> SaltedPass -- ^ salted password
 -> Bool
-isValidPass clear' salted' =
+isValidPass ct salted =
+ PS.verifyPassword (DTE.encodeUtf8 ct) (DTE.encodeUtf8 salted) || isValidPass' ct salted
+
+isValidPass' :: Text -- ^ cleartext password
+ -> SaltedPass -- ^ salted password
+ -> Bool
+isValidPass' clear' salted' =
 let salt = take saltLength salted
 in salted == saltPass' salt clear
 where
diff --git a/yesod-auth.cabal b/yesod-auth.cabal
index fef6d125..ef4a3fcd 100644
--- a/yesod-auth.cabal
+++ b/yesod-auth.cabal
@@ -1,5 +1,5 @@
 name: yesod-auth
-version: 0.6.0
+version: 0.6.1
 license: BSD3
 license-file: LICENSE
 author: Michael Snoyman, Patrick Brisbin
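Review bot: The cost argument `12` passed to `PS.makePassword` in the new `saltPass` is an unexplained literal, yet it is the one knob that sets how expensive each stored hash is to brute-force. I would lift it to a named top-level value, e.g. `pwStrength :: Int` with `pwStrength = 12`, and document beside it what the number means in pwstore and when it should be raised. The Haddock line above `saltPass` could also say that the result is now a pwstore-formatted hash rather than the old 5-letter-salt form, since `saltLength` and `saltPass'` stay in the file for the legacy path.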
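Review bot: `isValidPass` falls back to the legacy `isValidPass'` whenever `PS.verifyPassword` returns False, so hashes made with the old 5-letter `A`–`Z` salt stay accepted indefinitely and nothing in this hunk moves an account onto pwstore after a successful login. Because `isValidPass` is pure it cannot re-hash by itself; the caller would have to call `saltPass` and store the result when only the legacy branch matched, which a plain `Bool` does not reveal. At minimum I would document the helper, e.g. `-- | Legacy check for hashes stored before the pwstore switch; kept only so existing accounts can still log in.`, and consider skipping the fallback when the stored value is already in pwstore format. The legacy comparison also uses plain `==`, which is presumably not constant-time. The `where` clause of `isValidPass'` continues outside the hunk.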
@@ -42,6 +42,7 @@ library , http-enumerator >= 0.6 && < 0.7 , aeson >= 0.3.2.2 && < 0.4 , web-routes-quasi >= 0.7 && < 0.8 + , pwstore-fast >= 2.1 && < 2.2 exposed-modules: Yesod.Auth Yesod.Auth.Dummy