[Catalyst] Migrate from SHA hashed passwords to Bcrypt crypted
m.blackman at fairfx.com
Mon Jul 11 15:34:09 GMT 2011
On 11 Jul 2011, at 15:59, Pavel Karoukin wrote:
> Right now I am using SHA hashed passwords in my Catalyst application (https://github.com/hippich/Bitcoin-Poker-Room). While SHA is better than MD5, I still want to migrate to Bcrypt.
> I have two questions:
> 1) Catalyst::Authentication::Credential::Password seems to not support Bcrypt since it relies on Digest and Digest does not have Bcrypt as an option. Should I use DBIx::Class::EncodedColumn with Crypt::Eksblowfish::Bcrypt?
I think you could locally patch Catalyst::Authentication::Credential::Password and/or submit an upstream patch to handle bcrypt hashing as another password_type a bit like 'salted_hash'.
> 2) How should I update my application to have first check against new hashing algorithm and if password returns incorrect, try old one (SHA)? Should I do it through realms, or just check password in my authentication controller directly instead?
I'd define two realms in your configuration for each password type and then attempt authentication against both realms.
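The check-new-then-old logic from question 2, as an added example that is not part of the original thread or of Bitcoin-Poker-Room: it picks the verifier from the stored hash's format and goes one step further by rehashing with bcrypt after a successful legacy login. Assumptions: the legacy column holds unsalted SHA-1 hex, passwords arrive as byte strings, `/dev/urandom` is available, and the helper names (`ct_eq`, `bcrypt_new`, `verify_and_upgrade`) and the cost of 12 are hypothetical.

```perl
#!/usr/bin/env perl
# Added example: verify against bcrypt or legacy SHA, upgrading legacy hashes.
use strict;
use warnings;
use Digest::SHA qw(sha1_hex);
use Crypt::Eksblowfish::Bcrypt qw(bcrypt en_base64);

my $COST = 12;    # assumed work factor; tune for your hardware

# Compare two strings without exiting early on the first differing byte.
sub ct_eq {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1))
        for 0 .. length($x) - 1;
    return $diff == 0 ? 1 : 0;
}

# Hash a password with bcrypt using a fresh 16-byte random salt.
sub bcrypt_new {
    my ($password) = @_;
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    (read($fh, my $salt, 16) // 0) == 16 or die "short read from urandom";
    close $fh;
    return bcrypt($password, sprintf('$2a$%02d$%s', $COST, en_base64($salt)));
}

# Returns ($ok, $new_hash). $new_hash is defined only when a legacy SHA
# login succeeded and the caller should store the bcrypt replacement.
sub verify_and_upgrade {
    my ($password, $stored) = @_;
    if ($stored =~ /^\$2a\$/) {    # already migrated: bcrypt only
        return (ct_eq(bcrypt($password, $stored), $stored), undef);
    }
    return (0, undef) unless ct_eq(sha1_hex($password), lc $stored);
    return (1, bcrypt_new($password));    # legacy match: upgrade now
}

# Constructed sample data: one user still on the legacy SHA-1 hash.
my %users = (alice => sha1_hex('correct horse'));
for my $try ('wrong', 'correct horse', 'correct horse') {
    my ($ok, $new) = verify_and_upgrade($try, $users{alice});
    $users{alice} = $new if defined $new;    # persist the upgraded hash
    printf "%-14s ok=%d stored=%s...\n", $try, $ok, substr($users{alice}, 0, 7);
}
```

Because the stored value is replaced on the first successful login, the SHA path is never taken again for that account; accounts that never log in keep their legacy hash until they are reset.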