NAME

Crypt::Passphrase - A module for managing passwords in a cryptographically agile manner

VERSION

version 0.001

SYNOPSIS

my $authenticator = Crypt::Passphrase->new(
    encoder    => 'Argon2',
    validators => [ 'Bcrypt' ],
);

my $hash = get_hash($user);
if (!$authenticator->verify_password($password, $hash)) {
    die "Invalid password";
}
elsif ($authenticator->needs_rehash($hash)) {
    update_hash($user, $authenticator->hash_password($password));
}

DESCRIPTION

This module manages the passwords in a cryptographically agile manner. Following Postel's principle, it allows you to define a single scheme that will be used for new passwords, but several schemes to check passwords with. It will be able to tell you if you should rehash your password, not only because the scheme is outdated, but also because the desired parameters have changed.

METHODS

new(...)

encoder

A Crypt::Passphrase object has a single encoder. This can be passed in three different ways:
- A simple string
  
  The name of the encoder class. If the value starts with a +, the + will be removed and the remainder will be taken as a fully-qualified package name. Otherwise, Crypt::Passphrase:: will be prepended to he value.
  
  The class will be loaded, and constructed without arguments.
- A hash
  
  The module entry will be used to load a new Crypt::Passphrase module as described above, the other arguments will be passed to the constructor. This is the recommended option, as it gives you full control over the password parameters.
- A Crypt::Passphrase::Encoder object
  
  This will be used as-is.
This argument is mandatory.
validators

This is a list of additional validators for passwords. These values can each either be the same an encoder value, except that the last entry may also be a coderef that takes the password and the hash as its arguments and returns a boolean value.

The encoder is always considered as a validator and thus doesn't need to be explicitly specified.

hash_password($password)

This will hash a password with the encoder cipher, and return it (in crypt format). This will generally use a salt, and as such will return a different value each time even when called with the same password.

verify_password($password, $hash)

This will check a password satisfies a certain hash.

needs_rehash($hash)

This will check if a hash needs to be rehashed, either because it's in the wrong cipher or because the parameters are insufficient.

Calling this only ever makes sense after a password has been verified.

AUTHOR

Leon Timmermans <leont@cpan.org>

COPYRIGHT AND LICENSE

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

To install Crypt::Passphrase, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Crypt::Passphrase

CPAN shell

perl -MCPAN -e shell
install Crypt::Passphrase

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)