Use password based authentication to authenticate a user. More...

#include <Cutelyst/Plugins/Authentication/credentialpassword.h>

Inheritance diagram for Cutelyst::CredentialPassword:

[legend]

Public Types
enum	PasswordType { None , Clear , Hashed }
Public Types inherited from QObject
enum	TimerId

Public Member Functions
	CredentialPassword (QObject *parent=nullptr)
virtual	~CredentialPassword () override
AuthenticationUser	authenticate (Context c, AuthenticationRealm realm, const ParamsMultiMap &authinfo) final
QString	passwordField () const
QString	passwordPostSalt () const
QString	passwordPreSalt () const
PasswordType	passwordType () const
void	setPasswordField (const QString &fieldName)
void	setPasswordPostSalt (const QString &passwordPostSalt)
void	setPasswordPreSalt (const QString &passwordPreSalt)
void	setPasswordType (PasswordType type)
Public Member Functions inherited from Cutelyst::AuthenticationCredential
	AuthenticationCredential (QObject *parent=nullptr)
virtual	~AuthenticationCredential ()
Public Member Functions inherited from QObject
	QObject (QObject *parent)
QBindable< QString >	bindableObjectName ()
bool	blockSignals (bool block)
const QObjectList &	children () const const
QMetaObject::Connection	connect (const QObject sender, const char signal, const char *method, Qt::ConnectionType type) const const
void	deleteLater ()
void	destroyed (QObject *obj)
bool	disconnect (const char signal, const QObject receiver, const char *method) const const
bool	disconnect (const QObject receiver, const char method) const const
void	dumpObjectInfo () const const
void	dumpObjectTree () const const
QList< QByteArray >	dynamicPropertyNames () const const
virtual bool	event (QEvent *e)
virtual bool	eventFilter (QObject watched, QEvent event)
T	findChild (QAnyStringView name, Qt::FindChildOptions options) const const
T	findChild (Qt::FindChildOptions options) const const
QList< T >	findChildren (const QRegularExpression &re, Qt::FindChildOptions options) const const
QList< T >	findChildren (QAnyStringView name, Qt::FindChildOptions options) const const
QList< T >	findChildren (Qt::FindChildOptions options) const const
bool	inherits (const char *className) const const
void	installEventFilter (QObject *filterObj)
bool	isQmlExposed () const const
bool	isQuickItemType () const const
bool	isWidgetType () const const
bool	isWindowType () const const
void	killTimer (int id)
void	killTimer (Qt::TimerId id)
virtual const QMetaObject *	metaObject () const const
bool	moveToThread (QThread *targetThread)
QString	objectName () const const
void	objectNameChanged (const QString &objectName)
QObject *	parent () const const
QVariant	property (const char *name) const const
	Q_CLASSINFO (Name, Value)
	Q_EMIT Q_EMIT
	Q_ENUM (...)
	Q_ENUM_NS (...)
	Q_ENUMS (...)
	Q_FLAG (...)
	Q_FLAG_NS (...)
	Q_FLAGS (...)
	Q_GADGET Q_GADGET
	Q_GADGET_EXPORT (EXPORT_MACRO)
	Q_INTERFACES (...)
	Q_INVOKABLE Q_INVOKABLE
	Q_MOC_INCLUDE Q_MOC_INCLUDE
	Q_NAMESPACE Q_NAMESPACE
	Q_NAMESPACE_EXPORT (EXPORT_MACRO)
	Q_OBJECT Q_OBJECT
	Q_PROPERTY (...)
	Q_REVISION Q_REVISION
	Q_SET_OBJECT_NAME (Object)
	Q_SIGNAL Q_SIGNAL
	Q_SIGNALS Q_SIGNALS
	Q_SLOT Q_SLOT
	Q_SLOTS Q_SLOTS
T	qobject_cast (const QObject *object)
T	qobject_cast (QObject *object)
	QT_NO_CONTEXTLESS_CONNECT QT_NO_CONTEXTLESS_CONNECT
	QT_NO_NARROWING_CONVERSIONS_IN_CONNECT QT_NO_NARROWING_CONVERSIONS_IN_CONNECT
void	removeEventFilter (QObject *obj)
void	setObjectName (const QString &name)
void	setObjectName (QAnyStringView name)
void	setParent (QObject *parent)
bool	setProperty (const char *name, const QVariant &value)
bool	setProperty (const char *name, QVariant &&value)
bool	signalsBlocked () const const
int	startTimer (int interval, Qt::TimerType timerType)
int	startTimer (std::chrono::nanoseconds interval, Qt::TimerType timerType)
QThread *	thread () const const

Static Public Member Functions
static QByteArray	createPassword (const QByteArray &password)
static QByteArray	createPassword (const QByteArray &password, QCryptographicHash::Algorithm method, int iterations, int saltByteSize, int hashByteSize)
static QString	createPassword (const QString &password)
static QByteArray	hmac (QCryptographicHash::Algorithm method, const QByteArray &key, const QByteArray &message)
static QByteArray	pbkdf2 (QCryptographicHash::Algorithm method, const QByteArray &password, const QByteArray &salt, int rounds, int keyLength)
static bool	validatePassword (const QByteArray &password, const QByteArray &correctHash)
static bool	validatePassword (const QString &password, const QString &correctHash)
Static Public Member Functions inherited from QObject
QMetaObject::Connection	connect (const QObject sender, const char signal, const QObject receiver, const char method, Qt::ConnectionType type)
QMetaObject::Connection	connect (const QObject sender, const QMetaMethod &signal, const QObject receiver, const QMetaMethod &method, Qt::ConnectionType type)
QMetaObject::Connection	connect (const QObject sender, PointerToMemberFunction signal, const QObject context, Functor functor, Qt::ConnectionType type)
QMetaObject::Connection	connect (const QObject sender, PointerToMemberFunction signal, const QObject receiver, PointerToMemberFunction method, Qt::ConnectionType type)
QMetaObject::Connection	connect (const QObject *sender, PointerToMemberFunction signal, Functor functor)
bool	disconnect (const QMetaObject::Connection &connection)
bool	disconnect (const QObject sender, const char signal, const QObject receiver, const char method)
bool	disconnect (const QObject sender, const QMetaMethod &signal, const QObject receiver, const QMetaMethod &method)
bool	disconnect (const QObject sender, PointerToMemberFunction signal, const QObject receiver, PointerToMemberFunction method)
QString	tr (const char sourceText, const char disambiguation, int n)

Additional Inherited Members
Public Attributes inherited from QObject
	Invalid
typedef	QObjectList
Protected Member Functions inherited from QObject
virtual void	childEvent (QChildEvent *event)
virtual void	connectNotify (const QMetaMethod &signal)
virtual void	customEvent (QEvent *event)
virtual void	disconnectNotify (const QMetaMethod &signal)
bool	isSignalConnected (const QMetaMethod &signal) const const
int	receivers (const char *signal) const const
QObject *	sender () const const
int	senderSignalIndex () const const
virtual void	timerEvent (QTimerEvent *event)
Properties inherited from QObject
	objectName

Detailed Description

This credential provider authenticates a user with authentication information provided by for example a HTML login formular or another source for login data.

For an example implementation see Authentication overview.

Logging category: cutelyst.plugin.credentialpassword
Logging with Cutelyst

Definition at line 27 of file credentialpassword.h.

Member Enumeration Documentation

◆ PasswordType

enum Cutelyst::CredentialPassword::PasswordType

The used password type.

Enumerator
None	Ignore password check.
Clear	Clear text password.
Hashed	Derived password hash using PBKDF2 method.

Definition at line 35 of file credentialpassword.h.

Constructor & Destructor Documentation

◆ CredentialPassword()

CredentialPassword::CredentialPassword ( QObject * parent = nullptr )

explicit

Constructs a new CredentialPassword object with the given parent.

Definition at line 18 of file credentialpassword.cpp.

References Cutelyst::AuthenticationCredential::AuthenticationCredential(), CredentialPassword(), QObject::QObject(), and QObject::parent().

Referenced by CredentialPassword(), authenticate(), passwordField(), passwordPostSalt(), passwordPreSalt(), passwordType(), setPasswordField(), setPasswordPostSalt(), setPasswordPreSalt(), and setPasswordType().

◆ ~CredentialPassword()

CredentialPassword::~CredentialPassword ( )

overridevirtual

Destroys the CredentialPassword object.

Definition at line 24 of file credentialpassword.cpp.

Member Function Documentation

◆ authenticate()

AuthenticationUser CredentialPassword::authenticate	(	Context *	c,
		AuthenticationRealm *	realm,
		const ParamsMultiMap &	authinfo )

nodiscardfinalvirtual

Tries to authenticate the user from the authinfo by searching it in the given realm. If found, the password will be checked according to the set passwordType(). On success, a not null AuthenticationUser object will be returned.

Implements Cutelyst::AuthenticationCredential.

Definition at line 29 of file credentialpassword.cpp.

References CredentialPassword(), Cutelyst::AuthenticationRealm::findUser(), and Cutelyst::AuthenticationUser::isNull().

◆ createPassword() [1/3]

QByteArray CredentialPassword::createPassword ( const QByteArray & password )

staticnodiscard

Returns a derived hash from the clear text password with sensible defaults using the pbkdf2() method.

This uses SHA-512 with 10.000 iterations and 16 bytes size for salt and hash.

Note: If you want to use pre and post salts you have to manually add them to the password.

Definition at line 159 of file credentialpassword.cpp.

References createPassword(), and QCryptographicHash::Sha512.

◆ createPassword() [2/3]

QByteArray CredentialPassword::createPassword	(	const QByteArray &	password,
		QCryptographicHash::Algorithm	method,
		int	iterations,
		int	saltByteSize,
		int	hashByteSize )

staticnodiscard

Returns a derived hash from the clear text password with the given method, iterations, saltByteSize and hashByteSize using the pbkdf2() method.

Note: If you want to use pre and post salts you have to manually add them to the password.

Definition at line 136 of file credentialpassword.cpp.

References QUuid::createUuid(), QByteArray::number(), QFile::open(), pbkdf2(), QIODevice::read(), QIODeviceBase::ReadOnly, QByteArray::toBase64(), and QUuid::toRfc4122().

Referenced by createPassword(), and createPassword().

◆ createPassword() [3/3]

QString Cutelyst::CredentialPassword::createPassword ( const QString & password )

inlinestaticnodiscard

Returns a derived hash from the clear text password with sensible defaults using the pbkdf2() method.

This uses SHA-512 with 10.000 iterations and 16 bytes size for salt and hash.

Note: If you want to use pre and post salts you have to manually add them to the password.

Definition at line 182 of file credentialpassword.h.

References createPassword(), QString::fromLatin1(), and QString::toUtf8().

◆ hmac()

QByteArray CredentialPassword::hmac	(	QCryptographicHash::Algorithm	method,
		const QByteArray &	key,
		const QByteArray &	message )

staticnodiscard

Generates the Hash-based message authentication code.

Definition at line 226 of file credentialpassword.cpp.

References QMessageAuthenticationCode::hash().

◆ passwordField()

QString CredentialPassword::passwordField ( ) const

nodiscard

Returns the field to look for when authenticating the user.

See also: authenticate(), setPasswordField()

Definition at line 49 of file credentialpassword.cpp.

References CredentialPassword().

◆ passwordPostSalt()

QString CredentialPassword::passwordPostSalt ( ) const

nodiscard

Returns the salt string to be appended to the password.

See also: setPasswordPostSalt()

Definition at line 85 of file credentialpassword.cpp.

References CredentialPassword().

Referenced by setPasswordPostSalt().

◆ passwordPreSalt()

QString CredentialPassword::passwordPreSalt ( ) const

nodiscard

Returns the salt string to be prepended to the password.

See also: setPasswordPreSalt()

Definition at line 73 of file credentialpassword.cpp.

References CredentialPassword().

Referenced by setPasswordPreSalt().

◆ passwordType()

CredentialPassword::PasswordType CredentialPassword::passwordType ( ) const

nodiscard

Returns the type of password this class will be dealing with.

See also: setPasswordType()

Definition at line 61 of file credentialpassword.cpp.

References CredentialPassword().

◆ pbkdf2()

QByteArray CredentialPassword::pbkdf2	(	QCryptographicHash::Algorithm	method,
		const QByteArray &	password,
		const QByteArray &	salt,
		int	rounds,
		int	keyLength )