https://bugzilla.wikimedia.org/show_bug.cgi?id=28419
--- Comment #39 from Tyler Romeo <tylerro...@gmail.com> 2012-04-01 03:14:07 UTC --- (In reply to comment #38) > (In reply to comment #37) > > OK, now I understand the logic. In that case I'll give my support FWIW. The > > only thing I would recommend is cleanup the structure a little bit. There's > > no > > need for a PasswordType interface when there's a base abstract class that's > > already required to be inherited by the primary Password class. > The separation between PasswordType and BasePasswordType (I think I used to > call it AbstractPasswordType or CommonPasswordType, should I rename it back?) > is what allows the flexible implementation of things like crypt(3). > An implementation that uses our : pattern extends BasePasswordType and lets > BasePasswordType abstract away all the storage, crypt, and comparison bits. > While an implementation that needs to call a 3rd party library or say crypt(3) > with raw data instead implements PasswordType directly and uses the raw data > to > handle crypt and compare itself. > I don't believe I referenced BasePasswordType anywhere but in the extends. All > instanceof checks should be against the PasswordType interface. > > Though I do think I could turn the PasswordType interface into an abstract > class so that isPreferredFormat can have the same `require true;` default as > BasePasswordClass. That's my bad. Mixed up the name of the interface and abstract class and thought you were requiring password types to be children of the base class. Ignore my previous comment. > > Also, I would change the cryptParams() function to defaultCryptParams() and > > replace preferred format with current format. > > Hmmm... 'default' might work. At the same time they don't feel like 'default'. > It's more of a callback saying "I'm hashing a password for the first time, > please create the parameters to run the algorithm with." Using 'default' makes > it sound a little static when it's not, since cryptParams() returns things > like > completely random salts. Default isn't perfect, but all I know is that it shouldn't be preferred. It just gives the wrong idea. Maybe newCryptParams()? Idk. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
