cutelyst 4.8.0
A C++ Web Framework built on top of Qt, using the simple approach of Catalyst (Perl) framework.
Cutelyst::CredentialPassword Class Reference
Plugins » Authentication

Use password based authentication to authenticate a user. More...

#include <Cutelyst/Plugins/Authentication/credentialpassword.h>

Inheritance diagram for Cutelyst::CredentialPassword:
Inheritance graph
[legend]

Public Types

enum  PasswordType { None , Clear , Hashed }

Public Member Functions

 CredentialPassword (QObject *parent=nullptr)
virtual ~CredentialPassword () override
AuthenticationUser authenticate (Context *c, AuthenticationRealm *realm, const ParamsMultiMap &authinfo) final
QString passwordField () const
QString passwordPostSalt () const
QString passwordPreSalt () const
PasswordType passwordType () const
void setPasswordField (const QString &fieldName)
void setPasswordPostSalt (const QString &passwordPostSalt)
void setPasswordPreSalt (const QString &passwordPreSalt)
void setPasswordType (PasswordType type)
Public Member Functions inherited from Cutelyst::AuthenticationCredential
 AuthenticationCredential (QObject *parent=nullptr)
virtual ~AuthenticationCredential ()

Static Public Member Functions

static QByteArray createPassword (const QByteArray &password)
static QByteArray createPassword (const QByteArray &password, QCryptographicHash::Algorithm method, int iterations, int saltByteSize, int hashByteSize)
static QString createPassword (const QString &password)
static QByteArray hmac (QCryptographicHash::Algorithm method, const QByteArray &key, const QByteArray &message)
static QByteArray pbkdf2 (QCryptographicHash::Algorithm method, const QByteArray &password, const QByteArray &salt, int rounds, int keyLength)
static bool validatePassword (const QByteArray &password, const QByteArray &correctHash)
static bool validatePassword (const QString &password, const QString &correctHash)

Detailed Description

This credential provider authenticates a user with authentication information provided by for example a HTML login formular or another source for login data.

For an example implementation see Authentication overview.

Logging category
cutelyst.plugin.credentialpassword
Logging with Cutelyst

Definition at line 27 of file credentialpassword.h.

Member Enumeration Documentation

◆ PasswordType

enum Cutelyst::CredentialPassword::PasswordType

The used password type.

Enumerator
None 

Ignore password check.

Clear 

Clear text password.

Hashed 

Derived password hash using PBKDF2 method.

Definition at line 35 of file credentialpassword.h.

Constructor & Destructor Documentation

◆ CredentialPassword()

CredentialPassword::CredentialPassword ( QObject * parent = nullptr)
explicit

Constructs a new CredentialPassword object with the given parent.

Definition at line 17 of file credentialpassword.cpp.

References Cutelyst::AuthenticationCredential::AuthenticationCredential(), and CredentialPassword().

Referenced by CredentialPassword(), authenticate(), passwordField(), passwordPostSalt(), passwordPreSalt(), passwordType(), setPasswordField(), setPasswordPostSalt(), setPasswordPreSalt(), and setPasswordType().

◆ ~CredentialPassword()

CredentialPassword::~CredentialPassword ( )
overridevirtual

Destroys the CredentialPassword object.

Definition at line 23 of file credentialpassword.cpp.

Member Function Documentation

◆ authenticate()

AuthenticationUser CredentialPassword::authenticate ( Context * c,
AuthenticationRealm * realm,
const ParamsMultiMap & authinfo )
nodiscardfinalvirtual

Tries to authenticate the user from the authinfo by searching it in the given realm. If found, the password will be checked according to the set passwordType(). On success, a not null AuthenticationUser object will be returned.

Implements Cutelyst::AuthenticationCredential.

Definition at line 28 of file credentialpassword.cpp.

References CredentialPassword(), Cutelyst::AuthenticationRealm::findUser(), and Cutelyst::AuthenticationUser::isNull().

◆ createPassword() [1/3]

QByteArray CredentialPassword::createPassword ( const QByteArray & password)
staticnodiscard

Returns a derived hash from the clear text password with sensible defaults using the pbkdf2() method.

This uses SHA-512 with 10.000 iterations and 16 bytes size for salt and hash.

Note
If you want to use pre and post salts you have to manually add them to the password.

Definition at line 155 of file credentialpassword.cpp.

References createPassword().

◆ createPassword() [2/3]

QByteArray CredentialPassword::createPassword ( const QByteArray & password,
QCryptographicHash::Algorithm method,
int iterations,
int saltByteSize,
int hashByteSize )
staticnodiscard

Returns a derived hash from the clear text password with the given method, iterations, saltByteSize and hashByteSize using the pbkdf2() method.

Note
If you want to use pre and post salts you have to manually add them to the password.

Definition at line 132 of file credentialpassword.cpp.

References pbkdf2().

Referenced by createPassword(), and createPassword().

◆ createPassword() [3/3]

QString Cutelyst::CredentialPassword::createPassword ( const QString & password)
inlinestaticnodiscard

Returns a derived hash from the clear text password with sensible defaults using the pbkdf2() method.

This uses SHA-512 with 10.000 iterations and 16 bytes size for salt and hash.

Note
If you want to use pre and post salts you have to manually add them to the password.

Definition at line 182 of file credentialpassword.h.

References createPassword().

◆ hmac()

QByteArray CredentialPassword::hmac ( QCryptographicHash::Algorithm method,
const QByteArray & key,
const QByteArray & message )
staticnodiscard

Generates the Hash-based message authentication code.

Definition at line 221 of file credentialpassword.cpp.

◆ passwordField()

QString CredentialPassword::passwordField ( ) const
nodiscard

Returns the field to look for when authenticating the user.

See also
authenticate(), setPasswordField()

Definition at line 48 of file credentialpassword.cpp.

References CredentialPassword().

◆ passwordPostSalt()

QString CredentialPassword::passwordPostSalt ( ) const
nodiscard

Returns the salt string to be appended to the password.

See also
setPasswordPostSalt()

Definition at line 84 of file credentialpassword.cpp.

References CredentialPassword().

Referenced by setPasswordPostSalt().

◆ passwordPreSalt()

QString CredentialPassword::passwordPreSalt ( ) const
nodiscard

Returns the salt string to be prepended to the password.

See also
setPasswordPreSalt()

Definition at line 72 of file credentialpassword.cpp.

References CredentialPassword().

Referenced by setPasswordPreSalt().

◆ passwordType()

CredentialPassword::PasswordType CredentialPassword::passwordType ( ) const
nodiscard

Returns the type of password this class will be dealing with.

See also
setPasswordType()

Definition at line 60 of file credentialpassword.cpp.

References CredentialPassword().

◆ pbkdf2()

QByteArray CredentialPassword::pbkdf2 ( QCryptographicHash::Algorithm method,
const QByteArray & password,
const QByteArray & salt,
int rounds,
int keyLength )
staticnodiscard

Returns a PBKDF2 string for the given clear text password and salt using method, rounds and keyLength.

Definition at line 164 of file credentialpassword.cpp.

Referenced by createPassword(), and validatePassword().

◆ setPasswordField()

void CredentialPassword::setPasswordField ( const QString & fieldName)

Sets the field to look for when authenticating the user.

See also
authenticate(), passwordField()

Definition at line 54 of file credentialpassword.cpp.

References CredentialPassword().

◆ setPasswordPostSalt()

void CredentialPassword::setPasswordPostSalt ( const QString & passwordPostSalt)

Sets the salt string to be appended to the password.

See also
passwordPostSalt()

Definition at line 90 of file credentialpassword.cpp.

References CredentialPassword(), and passwordPostSalt().

◆ setPasswordPreSalt()

void CredentialPassword::setPasswordPreSalt ( const QString & passwordPreSalt)

Sets the salt string to be prepended to the password.

See also
passwordPreSalt()

Definition at line 78 of file credentialpassword.cpp.

References CredentialPassword(), and passwordPreSalt().

◆ setPasswordType()

void CredentialPassword::setPasswordType ( PasswordType type)

Sets the type of password this class will be dealing with.

See also
passwordType()

Definition at line 66 of file credentialpassword.cpp.

References CredentialPassword().

◆ validatePassword() [1/2]

bool CredentialPassword::validatePassword ( const QByteArray & password,
const QByteArray & correctHash )
staticnodiscard

Validates the given password against the correctHash.

Definition at line 111 of file credentialpassword.cpp.

References pbkdf2().

Referenced by validatePassword().

◆ validatePassword() [2/2]

bool Cutelyst::CredentialPassword::validatePassword ( const QString & password,
const QString & correctHash )
inlinestaticnodiscard

Validates the given password string against the correctHash string.

Definition at line 176 of file credentialpassword.h.

References validatePassword().