in reply to comparing md5 hashed passwords
I must be missing something here:
I'm using some code that wraps around DBIx::UserDB to build and manipulate a database of authentication keys. I want to access those tables with the CGI::Application::Plugin::Authentication to guard the entrance to applications built behind that front door.mysql> select uid, username, password from userdb; +-----+------------+------------------------------------------------+ | uid | username | password | +-----+------------+------------------------------------------------+ | 2 | hesco | password | | 35 | md5 | 05;X@9WL<JL&TU3!8@`L&[P`` | | 36 | md5_hex | @-35B93(P-C<W8C%C86%C,6(T9#4S,#4X.#`P8C`V968` | | 37 | md5_base64 | 65F(T9UHS<V-Q<T<P,51"66=!<T<W=P`` | +-----+------------+------------------------------------------------+ 4 rows in set (0.00 sec)
The four users above all have the password "password", encoded, to the best of my knowledge using the method indicated by their username. I changed this line of code in the CreateUser subroutine to make the changes.
I changed this line of code in the DRIVER definition to test my ability to connect.sub CreateUser { my($userdb,$username,$password)=@_; print STDERR "Running Create User Subroutine.\n"; # store md5 hash of password # my $digest = md5($password); # my $digest = md5_hex($password); # my $digest = md5_base64($password); # my $user = { username => $username, password => $digest }; my $user = { username => $username, password => $password }; $user = $userdb->user_create( $user ); return; }
Is there some other way I should be doing this?DRIVER => [ 'DBI', DBH => $authdb, TABLE => 'userdb', CONSTRAINTS => { 'userdb.username' => '__CREDENTIAL_1__', 'userdb.password' => '__CREDENTIAL_2__' # 'MD5:userdb.password' => '__CREDENTIAL_2__' # 'MD5_hex:userdb.password' => '__CREDENTIAL_2__' # 'MD5_base64:userdb.password' => '__CREDENTIAL_2__' }, ],
-- Hugh
|
|---|