[html-formfu] applying a filter

David Schmidt davewood at gmx.at
Thu Mar 19 16:39:53 GMT 2009 

I got a little problem here.

in my formfu yml file I use

transformers:
        - type: Callback
          callback: 'Digest::SHA::sha1_hex'

and in myApp.conf

<authentication>
    default_realm dbic
    <realms>
        <dbic>
            <credential>
                class Password
                password_field password
                password_type hashed
                password_hash_type SHA-1
            </credential>
            <store>
               (...)
            </store>
        </dbic>
    </realms>
</authentication>

but the hashes dont match.

This hash is inserted (providing password "oioioioi")
0c15f7b5ddad2ba75792b5d30d62ada2e7bda995

But *** perl -MDigest::SHA -e "print
Digest::SHA::sha1_hex('oioioioi')" *** returns

4a8737e65bd1312a45201bee99649b26e0eb3a22

I am not the best of debuggers so I am a bit stuck

as a workaround I am changing the password field manually with
add_valid before I update the model (just as you tried)
but I really want the transformer to work, any hints?
my $account = $c->model('myDB::Accounts')->new_result({});
$form->add_valid("password", sha1_hex($form->param('password')));
$form->model->update($account);

On Thu, Mar 19, 2009 at 4:36 PM, David Schmidt <davewood at gmx.at> wrote:
> sweet :)
>
> I was just about to comment on your solution for hashing the pw before
> update/insert but transformers seem to be what should be used for that
> kind of problem.
>
> thanks
>
> 2009/3/19 Octavian Râşniţă <orasnita at gmail.com>:
>> I found a good solution for that, not by using a filter, but a transformer.
>>
>> But it can be done directly without creating a custom module, like:
>>
>> <element>
>> type Password
>> name password
>> label_xml Password<sup>*</sup>:
>> filter TrimEdges
>> constraint Required
>> <transformers>
>> type Callback
>> callback Digest::SHA1::sha1_hex
>> </transformers>
>> </element>
>>
>> The method Digest::SHA1::sha1_hex can be used directly as a callback method.
>>
>> Octavian
>>
>> ----- Original Message ----- From: "David Schmidt" <davewood at gmx.at>
>> To: "HTML Form Creation,Rendering and Validation Framework"
>> <html-formfu at lists.scsys.co.uk>
>> Sent: Thursday, March 19, 2009 4:43 PM
>> Subject: Re: [html-formfu] applying a filter
>>
>>
>> I wrote my own Filter
>>
>> lib/HTML/FormFu/Filter/myApp/Digest_SHA.pm
>>
>> package HTML::FormFu::Filter::myApp::Digest_SHA;
>> use strict;
>> use warnings;
>> use base 'HTML::FormFu::Filter';
>> use Digest::SHA qw/sha1_hex/;
>>
>> sub filter {
>>   my ( $self, $value, $params ) = @_;
>>   return sha1_hex($value);
>> }
>>
>> 1;
>>
>> and in my create.yml
>>
>>   - type: Password
>>     name: password
>>     filters:
>>       - type: "myApp::Digest_SHA"
>>
>>
>> works fine, but since I also use the repeat_password constraint and
>> the filter is applied before passwords are compared I will not use
>> this approach and rather change the password prior to
>> updating/inserting into the database.
>>
>> On Sun, Jan 11, 2009 at 10:21 AM, Octavian Rasnita <orasnita at gmail.com>
>> wrote:
>>>
>>> Hello,
>>>
>>> I am trying to find the best way of storing an encrypted password in the
>>> database (when creating a new user for example).
>>>
>>> I thought that using a filter might be the best way for this and using a
>>> callback would be enough:
>>>
>>> <filters>
>>> type Callback
>>> callback Digest::SHA1::sha1_hex
>>> </filters>
>>>
>>> The single problem is that it doesn't work.
>>>
>>> Digest::SHA1::sha1_hex returns the encrypted string, so it should work,
>>> but
>>> I don't know why, it doesn't.
>>>
>>> I have also tried to use a 'use Digest::SHA1;' in MyApp.pm, even though
>>> without it it didn't give any error, however it still doesn't work, and
>>> the
>>> unencrypted string is inserted in the database.
>>>
>>> The code I use for inserting the user is:
>>>
>>> if ($form->submitted_and_valid) {
>>> my $user = $form->param_value('user');
>>> my $email = $form->param_value('email');
>>> my $hash = sha1_hex($user . $email . time());
>>>
>>> my $new_user = $c->model("DB::TempUser")->new_result({hash => $hash});
>>> $form->process;
>>> $form->model->update($new_user);
>>> }
>>>
>>> Am I doing something wrong, or the filter can't be used for what I want?
>>>
>>> Thanks.
>>>
>>> Octavian
>>>
>>>
>>> _______________________________________________
>>> HTML-FormFu mailing list
>>> HTML-FormFu at lists.scsys.co.uk
>>> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
>>>
>>
>>
>>
>> --
>> David Schmidt   |   http://www.fm5.at
>>
>> _______________________________________________
>> HTML-FormFu mailing list
>> HTML-FormFu at lists.scsys.co.uk
>> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
>>
>> _______________________________________________
>> HTML-FormFu mailing list
>> HTML-FormFu at lists.scsys.co.uk
>> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
>>
>
>
>
> --
> David Schmidt   |   http://www.fm5.at
>



-- 
David Schmidt   |   http://www.fm5.at

More information about the HTML-FormFu mailing list