{"id":17861179,"url":"https://github.com/jonathanstowe/redx-hashedpassword","last_synced_at":"2026-05-02T04:40:25.842Z","repository":{"id":66980488,"uuid":"228564645","full_name":"jonathanstowe/RedX-HashedPassword","owner":"jonathanstowe","description":"A facility to allow the Red ORM to store and use hashed passwords in the database","archived":false,"fork":false,"pushed_at":"2022-08-07T08:46:25.000Z","size":23,"stargazers_count":1,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2023-04-22T17:07:00.127Z","etag":null,"topics":["database","hash","password","raku","red"],"latest_commit_sha":null,"homepage":null,"language":"Raku","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"artistic-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jonathanstowe.png","metadata":{"files":{"readme":"README.md","changelog":"Changes","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-12-17T08:03:49.000Z","updated_at":"2022-08-07T08:46:28.000Z","dependencies_parsed_at":"2023-05-16T10:00:54.307Z","dependency_job_id":null,"html_url":"https://github.com/jonathanstowe/RedX-HashedPassword","commit_stats":null,"previous_names":[],"tags_count":7,"template":null,"template_full_name":null,"purl":"pkg:github/jonathanstowe/RedX-HashedPassword","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanstowe%2FRedX-HashedPassword","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanstowe%2FRedX-HashedPassword/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanstowe%2FRedX-HashedPassword/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanstowe%2FRedX-HashedPassword/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jonathanstowe","download_url":"https://codeload.github.com/jonathanstowe/RedX-HashedPassword/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanstowe%2FRedX-HashedPassword/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32523428,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-02T01:12:54.858Z","status":"online","status_checked_at":"2026-05-02T02:00:05.923Z","response_time":132,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["database","hash","password","raku","red"],"created_at":"2024-10-28T08:43:13.742Z","updated_at":"2026-05-02T04:40:25.836Z","avatar_url":"https://github.com/jonathanstowe.png","language":"Raku","funding_links":[],"categories":[],"sub_categories":[],"readme":"# RedX::HashedPassword\n\nA facility to allow the Red ORM to store and use hashed passwords in the database.\n\n![Build Status](https://github.com/jonathanstowe/RedX-HashedPassword/workflows/CI/badge.svg)\n\n## Synopsis\n\n```raku\n\nuse Red;\nuse RedX::HashedPassword;\n\nmodel User {\n    has Int $.id        is serial;\n    has Str $.username  is column;\n    has Str $.password  is password handles \u003ccheck-password\u003e;\n}\n\n...\n\nUser.^create( username =\u003e 'user', password =\u003e 'password'); # password is saved as a hash\n\n...\n\nmy User $user = User.^rs.first( *.username eq 'user' );\n\n$user.check-password('password');  # True\n\n```\n\n## Description\n\nThis provides a mechanism for [Red](https://github.com/FCO/Red) to store a password\nas a cryptographic hash in the database, such that someone who gains access to the\ndatabase cannot see the plain text password that may have been entered by a user.\n\nThe primary interface provided is the ```is password``` trait that should be\napplied to the column attribute in your model definition that you want to store the\nhashed password in, this takes care of hashing the password before it is stored in\nthe database, on retrieval (\"inflation\") it also applies a role that provides a method\n```check-password``` that checks a provided plaintext password against the stored hash.\nYou can make this appear to be a method of your (for example,) User model by applying\nthe ```handles \u003ccheck-password\u003e``` trait to your column attribute.\n\nThe hashing algorithm used will be the best one provided by\n[Crypt::AnyPasswordHash](https://github.com/jonathanstowe/Crypt-AnyPasswordHash)\nwhich has two implications, firstly the default provider is\n[Crypt::Libcrypt](https://github.com/jonathanstowe/Crypt-Libcrypt) if no\nother supported hashing module is installed, this will attempt to use the\nmechanism suggested by the `libcrypt` but if this can't be determined,\nit will fall back to SHA-512 which seems to be the best commonly provided\nalgorithm, except on `MacOS` where the `libcrypt` only appears to support\nthe \"heritage\" DES algorithm - which has been considered insecure for most\nof this century, so you probably don't want to use this in production\non MacOS for the timebeing without installing one of the other modules\nsupported by `Crypt::AnyPasswordHash`. The second implication is that,\nif you are going to access the hashed password from multiple hosts,\nyou should ensure that you have the same hashing module installed on\nall the hosts in order that they can all verify the same methods.\n\n## Installtion\n\nAssuming you have a working Rakudo installation then you can install this with *zef*:\n\n\n     zef install RedX::HashedPassword\n\n     # or from a local copy\n\n     zef install .\n\nThe module requires at least v0.1.0 of [Crypt::Libcrypt](https://github.com/jonathanstowe/Crypt-Libcrypt)\nso you may want to upgrade that first if you already have it installed.\n\n## Support\n\nSuggestions/patches are welcomed via github at:\n\nhttps://github.com/jonathanstowe/RedX-HashedPassword/issues\n\nIdeally there should be a better choice of hashing algorithm from those\nprovided by the OS and installed modules, this will come after the initial\nrelease.\n\n\n## Licence\n\nThis is free software.\n\nPlease see the [LICENCE](LICENCE) file in the distribution\n\n© Jonathan Stowe 2019 - 2026\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjonathanstowe%2Fredx-hashedpassword","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjonathanstowe%2Fredx-hashedpassword","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjonathanstowe%2Fredx-hashedpassword/lists"}