[Catalyst] What is correct way to re-check user password for
authenticated user?
Jason Galea
lists at eightdegrees.com.au
Wed Aug 26 00:15:40 GMT 2009
Oleg Kostyuk wrote:
> Hello subscribers,
>
> On some pages I need to re-check user password (to be more concrete -
> each time when user change any settings on "user settings" page). I
> can't compare passwords directly (something like: $form->{password} eq
> $c->user->password()), because in DB I have only hashed passwords.
>
how are you hashing your passwords? If using DBIx::Class::EncodedColumn
you can get it to generate a 'check_password' method (see docs).
> Seems that I can try to authenticate user again, by calling
> $c->authenticate(name=>$c->user->name, pass=>$form->{password}), but I
> concerned is this acceptable - calling authenticate, when user is
> already authenticated. And what will be if provided password is
> incorrect - user will be auto-logout'ed or not?
>
> May be there is some other way, that is not obvious to me?
>
> Any thoughts is welcome,
> Thanks.
>
>
More information about the Catalyst
mailing list