NAME

Apache2::Authen::Passphrase - basic authentication with Authen::Passphrase

SYNOPSIS

  use Apache2::Authen::Passphrase qw/pwcheck pwset pwhash/;
  $Apache2::Authen::Passphrase::rootdir = "/path/to/user/directory"
  my $hash = pwhash $username, $password;
  pwset $username, "pass123";
  eval { pwcheck $username, "pass123" };

  # In Apache2 config
  <Location /secret>
    PerlAuthenHandler Apache2::Authen::Passphrase
    PerlSetVar AuthenPassphraseRootdir /path/to/user/directory
    AuthName MyAuth
    Require valid-user
  </Location>

DESCRIPTION

Apache2::Authen::Passphrase is a perl module which provides easy-to-use Apache2 authentication. It exports some utility functions and it contains a PerlAuthenHandler.

The password hashes are stored in YAML files in an directory (called the rootdir), one file per user.

Set the rootdir like this:

  $Apache2::Authen::Passphrase::rootdir = '/path/to/rootdir';

or by setting the AAP_ROOTDIR enviroment variable to the desired value.

FUNCTIONS

pwhash()

Takes the password as a single argument and returns the password hash.

pwset($username, $password)

Sets the password of $username to $password.

pwcheck($username, $password)

Checks the given username and password, throwing an exception if the username is invalid or the password is incorrect.

handler

The PerlAuthenHandler for use in apache2. It uses Basic Access Authentication.

USER_REGEX

A regex that matches valid usernames. Usernames must be at least 2 characters, at most 20 characters, and they may only contain word characters ([A-Za-z0-9_]).

INVALID_USER

Exception thrown if the username does not match USER_REGEX.

BAD_PASSWORD

Exception thrown if the password is different from the one stored in the user's yml file.

PASSPHRASE_VERSION

The version of the passphrase. It is incremented each time the passphrase hashing scheme is changed. Versions so far:

Version 1 (current)

Uses Authen::Passphrase::BlowfishCrypt with a cost factor of 10

ENVIRONMENT

AAP_ROOTDIR

If the rootdir is not explicitly set, it is taken from this environment variable.

AUTHOR

Marius Gavrilescu, <marius@ieval.ro>

COPYRIGHT AND LICENSE

Copyright (C) 2013-2015 by Marius Gavrilescu

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.14.2 or, at your option, any later version of Perl 5 you may have available.