This package is the Yesod.Auth.HashDB plugin, originally included as part of yesod-auth, but now modified to be more secure and placed in a separate package.
It provides authentication using hashed passwords stored in a database, and works best in situations where an administrator is involved in setting up a user with an initial password.
The complete login process, including a default form, is implemented by this plugin, but the application developer must design the interfaces for setting up users and allowing them to change their own passwords, since only the low-level password-setting functions are provided by this package. (Note that other authentication plugins may be more appropriate if you wish to use email verification to set up accounts).
- Minor documentation improvement
- Reduce external-library dependencies for tests
- Include CSRF token in default form
This release can break both old code and old database entries. For details of upgrading, please see Upgrading.md.
- First phase of removing compatibility with old databases designed for versions before 1.3
- Remove deprecated utilities (
- Changes to work with persistent-2.5
- Relax upper bound to allow persistent-2.2.*
- Add ChangeLog
- Use internationalized messages
- Minor documentation change
- Expose additional validation function which does not need to read the database
- Deprecate compatibility with old data which includes a salt field
- Changes for Yesod 1.4
- Documentation improvement
- Optional custom login form
- Deprecate predefined
- Changes for Persistent 2
- Version bounds
- Minor documentation changes
- First release as a separate package, not part of yesod-auth