From 835a790ba03d614e0933c45f105b1494163b3563 Mon Sep 17 00:00:00 2001 From: swag Date: Sun, 23 Oct 2022 14:30:43 -0400 Subject: [PATCH] use Authen::Passphrase::BlowfishCrypt instead of bcrypt plugin; implement Moderator model --- README.md | 2 ++ cpanfile | 2 +- lib/PostText.pm | 6 +++++- lib/PostText/Model/Moderator.pm | 25 +++++++++++++++++++++++++ 4 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 lib/PostText/Model/Moderator.pm diff --git a/README.md b/README.md index 14b2d28..2f7899a 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,8 @@ Run the tests locally (against development environment): ## TODOs +1. Need to pass `config` to the Moderator model for bcrypt cost +1. Re-write bcrypt command to use Authen::Passphrase::BlowfishCrypt 1. Some sort of admin/moderator login and view 1. Implement tripcodes 1. CSS diff --git a/cpanfile b/cpanfile index 775be4c..154df0a 100644 --- a/cpanfile +++ b/cpanfile @@ -2,4 +2,4 @@ requires 'Mojolicious'; requires 'Mojo::Pg'; requires 'Mojolicious::Plugin::TagHelpers::Pagination'; requires 'Mojolicious::Plugin::AssetPack'; -requires 'Mojolicious::Plugin::BcryptSecure'; +requires 'Authen::Passphrase::BlowfishCrypt'; diff --git a/lib/PostText.pm b/lib/PostText.pm index 63f8e36..1d508fa 100644 --- a/lib/PostText.pm +++ b/lib/PostText.pm @@ -6,12 +6,12 @@ use Mojo::Base 'Mojolicious', -signatures; use Mojo::Pg; use PostText::Model::Thread; use PostText::Model::Remark; +use PostText::Model::Moderator; sub startup($self) { $self->plugin('Config'); $self->plugin('TagHelpers::Pagination'); $self->plugin(AssetPack => {pipes => [qw{Css Combine}]}); - $self->plugin('BcryptSecure', {cost => $self->config->{'bcrypt_cost'}}); # Helpers $self->helper(pg => sub ($c) { @@ -26,6 +26,10 @@ sub startup($self) { state $remark = PostText::Model::Remark->new(pg => $c->pg) }); + $self->helper(moderator => sub ($c) { + state $moderator = PostText::Model::Moderator->new(pg => $c->pg) + }); + $self->helper(truncate_text => sub ($c, $input_text) { my $truncated_text = 500 < length($input_text) ? substr($input_text, 0, 500) . '...' : $input_text; diff --git a/lib/PostText/Model/Moderator.pm b/lib/PostText/Model/Moderator.pm new file mode 100644 index 0000000..7e08ebf --- /dev/null +++ b/lib/PostText/Model/Moderator.pm @@ -0,0 +1,25 @@ +package PostText::Model::Moderator; + +use Mojo::Base -base, -signatures; +use Authen::Passphrase::BlowfishCrypt; +use Data::Dumper; + +has 'pg'; + +sub check_password($self, $email, $password) { + my $moderator = + $self->pg->db->query(<<~'END_SQL', $email)->hash; + SELECT moderator_id AS id, + password_hash + FROM moderators + WHERE email_addr = ?; + END_SQL + + return undef unless $moderator->{'id'}; + + return Authen::Passphrase::BlowfishCrypt + ->from_crypt($moderator->{'password_hash'}) + ->match($password); +} + +1;