[Catalyst] Migrate from SHA hashed passwords to Bcrypt crypted passwords
Mark Blackman
m.blackman at fairfx.com
Mon Jul 11 15:34:09 GMT 2011
On 11 Jul 2011, at 15:59, Pavel Karoukin wrote:
> Hello,
>
> Right now I am using SHA hashed passwords in my Catalyst application (https://github.com/hippich/Bitcoin-Poker-Room). While SHA is better than MD5, I still want to migrate to Bcrypt.
>
> I have two questions:
>
> 1) Catalyst::Authentication::Credential::Password seems to not support Bcrypt since it relies on Digest and Digest does not have Bcrypt as an option. Should I use DBIx::Class::EncodedColumn with Crypt::Eksblowfish::Bcrypt?

I think you could locally patch Catalyst::Authentication::Credential::Password and/or submit an upstream patch to handle bcrypt hashing as another password_type a bit like 'salted_hash'.

>
> 2) How should I update my application to first check against the new hashing algorithm and, if the password returns incorrect, try the old one (SHA)? Should I do it through realms, or just check the password in my authentication controller directly instead?

I'd define two realms in your configuration, one for each password type, and then attempt authentication against both realms.

- Mark
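
Added example, not part of the original thread or of Catalyst: a standalone Perl sketch of the check discussed above, which verifies a login against either scheme and returns a bcrypt replacement when a legacy record matches, so records migrate as users log in. It picks the scheme from the stored value's prefix rather than trying both in turn. It assumes the legacy hashes are unsalted hex SHA-1 and a Unix `/dev/urandom`; `bcrypt_new`, `same`, `check_and_upgrade` and the `%users` record are hypothetical names.

```perl
#!/usr/bin/env perl
# Added example: verify against bcrypt or a legacy SHA digest, upgrading on success.
use strict;
use warnings;
use Digest::SHA qw(sha1_hex);    # assumption: legacy hashes are unsalted hex SHA-1
use Crypt::Eksblowfish::Bcrypt qw(bcrypt en_base64);

my $COST = 10;    # assumed bcrypt work factor; tune for your hardware

# Hash a password with bcrypt under a fresh random 16-byte salt.
sub bcrypt_new {
    my ($password) = @_;
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";    # Unix assumed
    read($fh, my $salt, 16) == 16 or die "short read from urandom";
    close $fh;
    return bcrypt($password, '$2a$' . sprintf('%02d', $COST) . '$' . en_base64($salt));
}

# Compare two strings without exiting early on the first differing byte.
sub same {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Returns (ok, replacement_hash). replacement_hash is set only when a
# legacy SHA record verified and should be overwritten with bcrypt.
sub check_and_upgrade {
    my ($password, $stored) = @_;
    if ($stored =~ /\A\$2a\$/) {
        # The stored hash doubles as the settings string (cost and salt).
        return (same(bcrypt($password, $stored), $stored) ? 1 : 0, undef);
    }
    return (0, undef) unless same(sha1_hex($password), lc $stored);
    return (1, bcrypt_new($password));
}

# Constructed sample record standing in for the users table.
my %users = (alice => sha1_hex('correct horse'));
for my $attempt ('wrong guess', 'correct horse', 'correct horse') {
    my ($ok, $new) = check_and_upgrade($attempt, $users{alice});
    $users{alice} = $new if defined $new;    # persist the upgraded hash
    printf "%-14s ok=%d scheme=%s\n", $attempt, $ok,
        $users{alice} =~ /\A\$2a\$/ ? 'bcrypt' : 'sha1';
}
```

Accounts that never log in again keep their SHA digest, so the legacy branch stays reachable until those records are reset or expired.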