use Authen::Passphrase::BlowfishCrypt instead of bcrypt plugin; implement Moderator model

This commit is contained in:
swagg boi 2022-10-23 14:30:43 -04:00
parent f51af35605
commit 835a790ba0
4 changed files with 33 additions and 2 deletions

View file

@ -32,6 +32,8 @@ Run the tests locally (against development environment):
## TODOs ## TODOs
1. Need to pass `config` to the Moderator model for bcrypt cost
1. Re-write bcrypt command to use Authen::Passphrase::BlowfishCrypt
1. Some sort of admin/moderator login and view 1. Some sort of admin/moderator login and view
1. Implement tripcodes 1. Implement tripcodes
1. CSS 1. CSS

View file

@ -2,4 +2,4 @@ requires 'Mojolicious';
requires 'Mojo::Pg'; requires 'Mojo::Pg';
requires 'Mojolicious::Plugin::TagHelpers::Pagination'; requires 'Mojolicious::Plugin::TagHelpers::Pagination';
requires 'Mojolicious::Plugin::AssetPack'; requires 'Mojolicious::Plugin::AssetPack';
requires 'Mojolicious::Plugin::BcryptSecure'; requires 'Authen::Passphrase::BlowfishCrypt';

View file

@ -6,12 +6,12 @@ use Mojo::Base 'Mojolicious', -signatures;
use Mojo::Pg; use Mojo::Pg;
use PostText::Model::Thread; use PostText::Model::Thread;
use PostText::Model::Remark; use PostText::Model::Remark;
use PostText::Model::Moderator;
sub startup($self) { sub startup($self) {
$self->plugin('Config'); $self->plugin('Config');
$self->plugin('TagHelpers::Pagination'); $self->plugin('TagHelpers::Pagination');
$self->plugin(AssetPack => {pipes => [qw{Css Combine}]}); $self->plugin(AssetPack => {pipes => [qw{Css Combine}]});
$self->plugin('BcryptSecure', {cost => $self->config->{'bcrypt_cost'}});
# Helpers # Helpers
$self->helper(pg => sub ($c) { $self->helper(pg => sub ($c) {
@ -26,6 +26,10 @@ sub startup($self) {
state $remark = PostText::Model::Remark->new(pg => $c->pg) state $remark = PostText::Model::Remark->new(pg => $c->pg)
}); });
$self->helper(moderator => sub ($c) {
state $moderator = PostText::Model::Moderator->new(pg => $c->pg)
});
$self->helper(truncate_text => sub ($c, $input_text) { $self->helper(truncate_text => sub ($c, $input_text) {
my $truncated_text = 500 < length($input_text) my $truncated_text = 500 < length($input_text)
? substr($input_text, 0, 500) . '...' : $input_text; ? substr($input_text, 0, 500) . '...' : $input_text;

View file

@ -0,0 +1,25 @@
package PostText::Model::Moderator;
use Mojo::Base -base, -signatures;
use Authen::Passphrase::BlowfishCrypt;
use Data::Dumper;
has 'pg';
sub check_password($self, $email, $password) {
my $moderator =
$self->pg->db->query(<<~'END_SQL', $email)->hash;
SELECT moderator_id AS id,
password_hash
FROM moderators
WHERE email_addr = ?;
END_SQL
return undef unless $moderator->{'id'};
return Authen::Passphrase::BlowfishCrypt
->from_crypt($moderator->{'password_hash'})
->match($password);
}
1;