bin/generate-password.pl t/digest/01-digest.t @@ -2,6 +2,7 @@ use v6; use Session; use Cache; +use Digest; class November does Session does Cache { @@ -204,11 +205,10 @@ class November does Session does Cache { my %users = self.read_users(); # Yes, this is cheating. Stand by for a real MD5 hasher. - if (defined %users{$user_name} - and $password eq %users{$user_name}<plain_text>) { - # if Digest::MD5::md5_base64( - # Digest::MD5::md5_base64($user_name) ~ $password - # ) eq %users{$user_name}<password> { + if defined %users{$user_name} + and digest(digest($user_name, 'sha256') ~ $password, + 'sha256' + ) eq %users{$user_name}<password> { my $session_id = self.new_session($user_name); my $session_cookie = "session_id=$session_id"; lib/November.pm 43c37cb978f4813b54b3ba9b15223790b1471636 Johan Viklund johan.viklund@gmail.com http://github.com/viklund/november/commit/e03a79b2f8a220f186ae1cc9f4ea1cedf55a2192 e03a79b2f8a220f186ae1cc9f4ea1cedf55a2192 2009-06-23T14:28:05-07:00 2009-06-23T14:26:34-07:00 Added password hashing. Closes #13. c8f168f4bcffd044ecedb3134fe9bdd00155d9ef Johan Viklund johan.viklund@gmail.com