<<

NAME

pf::password - module to view, query and manage temporary passwords

DESCRIPTION

pf::password contains the functions necessary to manage all aspects of temporary passwords: creation, deletion, etc. utility methods generate activation codes and validate them.

DEVELOPER NOTES

Notice that this module doesn't export all its subs like our other modules do. This is an attempt to shift our paradigm towards calling with package names and avoid the double naming.

For ex: pf::password::view() instead of pf::password::password_view()

Remove this note when it will be no longer relevant. ;)

BUGS AND LIMITATIONS

If you keep getting the same passwords over and over again make sure that you've got PerlChildInitHandler "sub { srand }" in your apache config.

SUBROUTINES

TODO: This list is incomlete

password_db_prepare

Instantiate SQL statements to be prepared

view

view a temporary password record, returns an hashref

view_email

view the temporary password record associated to an email address, returns an hashref

_delete

_delete a temporary password record

create

Creates a temporary password record for a given pid. Valid until given expiration.

_generate_password

Generates the password

generate

Generates a temporary password and add it to the temporary password table.

Returns the temporary password

Optional arguments:

expiration date

Credentials won't work after expiration date

Defaults to module's default (31 days)

valid from date

Credentials won't work before valid_from date

Defaults to 0 (works now)

acess duration

On login, how long should this user has access?

Defaults to 0 (no per user limit)

_update_from_actions

Updates password fields from an action list

_update_field_for_action

Updates password field from an action

modify_actions

Modify the password actions

validate_password

Validate password for a given pid.

Return values: $AUTH_SUCCESS, access_duration - success $AUTH_FAILED_INVALID - invalid user/pass $AUTH_FAILED_EXPIRED - password expired $AUTH_FAILED_NOT_YET_VALID - password not valid yet

password_get_hash_type

extract the type of hash for the password

reset_password

Reset (change) a password for a user in the password table.

AUTHOR

Inverse inc. <info@inverse.ca>

COPYRIGHT

Copyright (C) 2005-2015 Inverse inc.

LICENSE

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

<<