Documented simple auth app.

2014-06-24 13:21:55 +02:00 · 2014-06-24 13:21:55 +02:00 · 6dd8bf6a52
parent a5302532fb
commit 6dd8bf6a52
1 changed files with 39 additions and 1 deletions
--- a/Documentation/Books/Users/FoxxBundledApps/SimpleAuth.mdpp
+++ b/Documentation/Books/Users/FoxxBundledApps/SimpleAuth.mdpp
@ -1,3 +1,41 @@
 !CHAPTER The Simple Authentication App

-WRITEME
+The simple auth app provides hashed password-based authentication with automatically generated salts and constant-time password verification.
+
+*Configuration*
+
+* *saltLength* (optional): length of newly generated salts. Default: *16*.
+* *hashMethod* (optional): hash algorithm to use. Supported values: *sha1*, *sha224*, *sha256*, *md5*. Default: *"sha256"*.
+
+```js
+var auth = Foxx.requireApp('/_auth').auth;
+```
+
+!SECTION Generate an authentication object
+
+Generates an authentication object for a given password.
+
+`auth.hashPassword(password)`
+
+Returns an authentication object with the following properties:
+
+* *hash*: the generated hex-encoded hash.
+* *salt*: the salt used to generate the hash.
+* *method*: the algorithm used to generate the hash.
+
+*Parameter*
+
+* *password*: the password to hash.
+
+!SECTION Verify a password
+
+Verifies a password against a given authentication object.
+
+`auth.verifyPassword(authData, password)`
+
+Generates a hash for the given password using the *salt* and *method* stored in the authentication object and performs a constant time string comparison on them. Returns *true* if the password is valid or *false* otherwise.
+
+*Parameter*
+
+* *authData*: an authentication object.
+* *password*: a password to verify.