1 package FS::Auth::internal;
2 #use base qw( FS::Auth );
5 use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash en_base64 de_base64);
6 use FS::Record qw( qsearchs );
10 my($self, $username, $check_password ) = @_;
13 ref($username) ? $username
14 : qsearchs('access_user', { 'username' => $username,
20 if ( $access_user->_password_encoding eq 'bcrypt' ) {
22 my( $cost, $salt, $hash ) = split(',', $access_user->_password);
24 my $check_hash = en_base64( bcrypt_hash( { key_nul => 1,
26 salt => de_base64($salt),
36 return 0 if $access_user->_password eq 'notyet'
37 || $access_user->_password eq '';
39 $access_user->_password eq $check_password;
46 my($self, $access_user, $new_password) = @_;
48 $self->change_password_fields( $access_user, $new_password );
50 $access_user->replace;
54 sub change_password_fields {
55 my($self, $access_user, $new_password) = @_;
57 $access_user->_password_encoding('bcrypt');
61 my $salt = pack( 'C*', map int(rand(256)), 1..16 );
63 my $hash = bcrypt_hash( { key_nul => 1,
70 $access_user->_password(
71 join(',', $cost, en_base64($salt), en_base64($hash) )