cutelyst 4.8.0
A C++ Web Framework built on top of Qt, using the simple approach of Catalyst (Perl) framework.
Public Types | Public Member Functions | Static Public Member Functions | List of all members
Cutelyst::CredentialPassword Class Reference
Plugins » Authentication

Use password based authentication to authenticate a user. More...

#include <Cutelyst/Plugins/Authentication/credentialpassword.h>

Inheritance diagram for Cutelyst::CredentialPassword:
Inheritance graph
[legend]

Public Types

enum  PasswordType { None , Clear , Hashed }
 

Public Member Functions

 CredentialPassword (QObject *parent=nullptr)
 
virtual ~CredentialPassword () override
 
AuthenticationUser authenticate (Context *c, AuthenticationRealm *realm, const ParamsMultiMap &authinfo) final
 
QString passwordField () const
 
QString passwordPostSalt () const
 
QString passwordPreSalt () const
 
PasswordType passwordType () const
 
void setPasswordField (const QString &fieldName)
 
void setPasswordPostSalt (const QString &passwordPostSalt)
 
void setPasswordPreSalt (const QString &passwordPreSalt)
 
void setPasswordType (PasswordType type)
 
- Public Member Functions inherited from Cutelyst::AuthenticationCredential
 AuthenticationCredential (QObject *parent=nullptr)
 
virtual ~AuthenticationCredential ()
 
virtual AuthenticationUser authenticate (Context *c, AuthenticationRealm *realm, const ParamsMultiMap &authinfo)=0
 

Static Public Member Functions

static QByteArray createPassword (const QByteArray &password)
 
static QByteArray createPassword (const QByteArray &password, QCryptographicHash::Algorithm method, int iterations, int saltByteSize, int hashByteSize)
 
static QString createPassword (const QString &password)
 
static QByteArray hmac (QCryptographicHash::Algorithm method, const QByteArray &key, const QByteArray &message)
 
static QByteArray pbkdf2 (QCryptographicHash::Algorithm method, const QByteArray &password, const QByteArray &salt, int rounds, int keyLength)
 
static bool validatePassword (const QByteArray &password, const QByteArray &correctHash)
 
static bool validatePassword (const QString &password, const QString &correctHash)
 

Detailed Description

This credential provider authenticates a user with authentication information provided by for example a HTML login formular or another source for login data.

For an example implementation see Authentication overview.

Logging category
cutelyst.plugin.credentialpassword
Logging with Cutelyst

Definition at line 27 of file credentialpassword.h.

Member Enumeration Documentation

◆ PasswordType

enum Cutelyst::CredentialPassword::PasswordType

The used password type.

Enumerator
None 

Ignore password check.

Clear 

Clear text password.

Hashed 

Derived password hash using PBKDF2 method.

Definition at line 35 of file credentialpassword.h.

Constructor & Destructor Documentation

◆ CredentialPassword()

CredentialPassword::CredentialPassword ( QObject *  parent = nullptr)
explicit

Constructs a new CredentialPassword object with the given parent.

Definition at line 17 of file credentialpassword.cpp.

◆ ~CredentialPassword()

CredentialPassword::~CredentialPassword ( )
overridevirtual

Destroys the CredentialPassword object.

Definition at line 23 of file credentialpassword.cpp.

Member Function Documentation

◆ authenticate()

AuthenticationUser CredentialPassword::authenticate ( Context c,
AuthenticationRealm realm,
const ParamsMultiMap authinfo 
)
finalvirtual

Tries to authenticate the user from the authinfo by searching it in the given realm. If found, the password will be checked according to the set passwordType(). On success, a not null AuthenticationUser object will be returned.

Implements Cutelyst::AuthenticationCredential.

Definition at line 28 of file credentialpassword.cpp.

References Cutelyst::AuthenticationRealm::findUser(), and Cutelyst::AuthenticationUser::isNull().

◆ createPassword() [1/3]

QByteArray CredentialPassword::createPassword ( const QByteArray &  password)
static

Returns a derived hash from the clear text password with sensible defaults using the pbkdf2() method.

This uses SHA-512 with 10.000 iterations and 16 bytes size for salt and hash.

Note
If you want to use pre and post salts you have to manually add them to the password.

Definition at line 155 of file credentialpassword.cpp.

References createPassword().

◆ createPassword() [2/3]

QByteArray CredentialPassword::createPassword ( const QByteArray &  password,
QCryptographicHash::Algorithm  method,
int  iterations,
int  saltByteSize,
int  hashByteSize 
)
static

Returns a derived hash from the clear text password with the given method, iterations, saltByteSize and hashByteSize using the pbkdf2() method.

Note
If you want to use pre and post salts you have to manually add them to the password.

Definition at line 132 of file credentialpassword.cpp.

References pbkdf2().

Referenced by createPassword(), and createPassword().

◆ createPassword() [3/3]

QString Cutelyst::CredentialPassword::createPassword ( const QString &  password)
inlinestatic

Returns a derived hash from the clear text password with sensible defaults using the pbkdf2() method.

This uses SHA-512 with 10.000 iterations and 16 bytes size for salt and hash.

Note
If you want to use pre and post salts you have to manually add them to the password.

Definition at line 182 of file credentialpassword.h.

References createPassword().

◆ hmac()

QByteArray CredentialPassword::hmac ( QCryptographicHash::Algorithm  method,
const QByteArray &  key,
const QByteArray &  message 
)
static

Generates the Hash-based message authentication code.

Definition at line 221 of file credentialpassword.cpp.

◆ passwordField()

QString CredentialPassword::passwordField ( ) const

Returns the field to look for when authenticating the user.

See also
authenticate(), setPasswordField()

Definition at line 48 of file credentialpassword.cpp.

◆ passwordPostSalt()

QString CredentialPassword::passwordPostSalt ( ) const

Returns the salt string to be appended to the password.

See also
setPasswordPostSalt()

Definition at line 84 of file credentialpassword.cpp.

Referenced by setPasswordPostSalt().

◆ passwordPreSalt()

QString CredentialPassword::passwordPreSalt ( ) const

Returns the salt string to be prepended to the password.

See also
setPasswordPreSalt()

Definition at line 72 of file credentialpassword.cpp.

Referenced by setPasswordPreSalt().

◆ passwordType()

CredentialPassword::PasswordType CredentialPassword::passwordType ( ) const

Returns the type of password this class will be dealing with.

See also
setPasswordType()

Definition at line 60 of file credentialpassword.cpp.

◆ pbkdf2()

QByteArray CredentialPassword::pbkdf2 ( QCryptographicHash::Algorithm  method,
const QByteArray &  password,
const QByteArray &  salt,
int  rounds,
int  keyLength 
)
static

Returns a PBKDF2 string for the given clear text password and salt using method, rounds and keyLength.

Definition at line 164 of file credentialpassword.cpp.

Referenced by createPassword(), and validatePassword().

◆ setPasswordField()

void CredentialPassword::setPasswordField ( const QString &  fieldName)

Sets the field to look for when authenticating the user.

See also
authenticate(), passwordField()

Definition at line 54 of file credentialpassword.cpp.

◆ setPasswordPostSalt()

void CredentialPassword::setPasswordPostSalt ( const QString &  passwordPostSalt)

Sets the salt string to be appended to the password.

See also
passwordPostSalt()

Definition at line 90 of file credentialpassword.cpp.

References passwordPostSalt().

◆ setPasswordPreSalt()

void CredentialPassword::setPasswordPreSalt ( const QString &  passwordPreSalt)

Sets the salt string to be prepended to the password.

See also
passwordPreSalt()

Definition at line 78 of file credentialpassword.cpp.

References passwordPreSalt().

◆ setPasswordType()

void CredentialPassword::setPasswordType ( PasswordType  type)

Sets the type of password this class will be dealing with.

See also
passwordType()

Definition at line 66 of file credentialpassword.cpp.

◆ validatePassword() [1/2]

bool CredentialPassword::validatePassword ( const QByteArray &  password,
const QByteArray &  correctHash 
)
static

Validates the given password against the correctHash.

Definition at line 111 of file credentialpassword.cpp.

References pbkdf2().

Referenced by validatePassword().

◆ validatePassword() [2/2]

bool Cutelyst::CredentialPassword::validatePassword ( const QString &  password,
const QString &  correctHash 
)
inlinestatic

Validates the given password string against the correctHash string.

Definition at line 176 of file credentialpassword.h.

References validatePassword().