haskell/yesod
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use pwstore for email auth

Browse Source
This commit is contained in:
Michael Snoyman 2011-06-30 17:10:04 +03:00
parent c676a7eb0a
commit b986852c64
2 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Yesod/Auth/Email.hs
View File

@ -26,6 +26,8 @@ import qualified Data.Text.Lazy as T
import qualified Data.Text as TS import qualified Data.Text as TS
import Data.Text.Lazy.Encoding (encodeUtf8) import Data.Text.Lazy.Encoding (encodeUtf8)
import Data.Text (Text) import Data.Text (Text)
import qualified Crypto.PasswordStore as PS
import qualified Data.Text.Encoding as DTE
import Yesod.Form import Yesod.Form
import Yesod.Handler import Yesod.Handler
@ -251,10 +253,9 @@ saltLength = 5
-- | Salt a password with a randomly generated salt. -- | Salt a password with a randomly generated salt.
saltPass :: Text -> IO Text saltPass :: Text -> IO Text
saltPass pass = do saltPass = fmap DTE.decodeUtf8
stdgen <- newStdGen . flip PS.makePassword 12
let salt = take saltLength $ randomRs ('A', 'Z') stdgen . DTE.encodeUtf8
return $ TS.pack $ saltPass' salt $ TS.unpack pass
saltPass' :: String -> String -> String saltPass' :: String -> String -> String
saltPass' salt pass = saltPass' salt pass =
@ -265,7 +266,13 @@ saltPass' salt pass =
isValidPass :: Text -- ^ cleartext password isValidPass :: Text -- ^ cleartext password
-> SaltedPass -- ^ salted password -> SaltedPass -- ^ salted password
-> Bool -> Bool
isValidPass clear' salted' = isValidPass ct salted =
PS.verifyPassword (DTE.encodeUtf8 ct) (DTE.encodeUtf8 salted) || isValidPass' ct salted
isValidPass' :: Text -- ^ cleartext password
-> SaltedPass -- ^ salted password
-> Bool
isValidPass' clear' salted' =
let salt = take saltLength salted let salt = take saltLength salted
in salted == saltPass' salt clear in salted == saltPass' salt clear
where where

3
yesod-auth.cabal
View File

@ -1,5 +1,5 @@
name: yesod-auth name: yesod-auth
version: 0.6.0 version: 0.6.1
license: BSD3 license: BSD3
license-file: LICENSE license-file: LICENSE
author: Michael Snoyman, Patrick Brisbin author: Michael Snoyman, Patrick Brisbin
@ -42,6 +42,7 @@ library
, http-enumerator >= 0.6 && < 0.7 , http-enumerator >= 0.6 && < 0.7
, aeson >= 0.3.2.2 && < 0.4 , aeson >= 0.3.2.2 && < 0.4
, web-routes-quasi >= 0.7 && < 0.8 , web-routes-quasi >= 0.7 && < 0.8
, pwstore-fast >= 2.1 && < 2.2
exposed-modules: Yesod.Auth exposed-modules: Yesod.Auth
Yesod.Auth.Dummy Yesod.Auth.Dummy