Oleg Kostyuk wrote:
Hello subscribers,
On some pages I need to re-check user password (to be more concrete -
each time when user change any settings on "user settings" page). I
can't compare passwords directly (something like: $form->{password} eq
$c->user->password()), because in DB I have only hashed passwords.
how are you hashing your passwords? If using DBIx::Class::EncodedColumn
you can get it to generate a 'check_password' method (see docs).
Seems that I can try to authenticate user again, by calling
$c->authenticate(name=>$c->user->name, pass=>$form->{password}), but I
concerned is this acceptable - calling authenticate, when user is
already authenticated. And what will be if provided password is
incorrect - user will be auto-logout'ed or not?
May be there is some other way, that is not obvious to me?
Any thoughts is welcome,
Thanks.
_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
