On 07/11/2011 10:34 AM, Mark Blackman wrote: > >> 2) How I should update my application to have first check against new >> hashing algorithm and if password returns incorrect, try old one (SHA)? >> Should I do it through realms, or just check password in my authentication >> controller directly instead? > I'd define two realms in your configuration for each password type and then > attempt authentication against both realms. >
How does realm work when saving user? Ideally, I would like to try authenticate user against Bcrypt, if it fails - try SHA and if it success - ask user to change password which will be saved in Bcrypt realm. How I can instruct it to save new password as Bcrypt hash if user logged in with SHA-hashed password? Regards, Pavel _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
