Save as
app.psgi and run with
thrall. That will be 200 US dollars,
payable to the Perl Foundation.
use strict;
use warnings;
use Plack::Request qw();
use HTTP::Status qw(
HTTP_OK HTTP_METHOD_NOT_ALLOWED HTTP_CREATED HTTP_UNPROCESSABLE_EN
+TITY
);
use Authen::Passphrase::Argon2 qw();
use Crypt::URandom qw(urandom);
use Number::MuPhone qw();
use WebService::HIBP qw();
use DBI qw();
require DBD::SQLite;
my $dbfile = 'Ekanvitha9.sqlite';
my $html = <<'HTML';
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<body>
<form method="POST">
<div>
<label for="name">Name:</label>
<input type="text" id="name" name="name" />
</div>
<div>
<label for="gender">Gender:</label>
<input type="radio" id="g1" name="gender" value="g1" /
+>
<label for="g1">DID YOU JUST ASSUME MY GENDER?</label>
<input type="radio" id="g2" name="gender" value="g2" /
+>
<label for="g2">attack helicopter</label>
</div>
<div>
<label for="phone">Phone number:</label>
<input type="tel" id="phone" name="phone" />
</div>
<div>
<label for="passphrase">Pass phrase:</label>
<input type="password" id="passphrase" name="passphras
+e" />
</div>
<input type="submit" />
</form>
</body>
</html>
HTML
my $app = sub {
my ($env) = @_;
my $req = Plack::Request->new($env);
if ('GET' eq $req->method) {
return $req->new_response(
HTTP_OK, ['Content-Type' => 'application/xhtml+xml'], [$ht
+ml]
)->finalize;
} elsif ('POST' eq $req->method) {
my $phone = Number::MuPhone->new($req->parameters->get('phone'
+));
return $req->new_response(
HTTP_UNPROCESSABLE_ENTITY,
['Content-Type' => 'text/plain'],
['invalid phone number ', $phone ? $phone->error : '' ]
)->finalize if (not defined $phone) or $phone->error;
return $req->new_response(
HTTP_UNPROCESSABLE_ENTITY,
['Content-Type' => 'text/plain'],
['wow, that is a really shitty passphrase']
)->finalize if WebService::HIBP->new->password(
$req->parameters->get('passphrase')
) > 0;
unless (-e $dbfile) {
DBI->connect("dbi:SQLite:dbname=$dbfile")->do(
'create table users (id text, name text, gender text,
+phone text, passphrase text)'
);
}
my $dbh = DBI->connect("dbi:SQLite:dbname=$dbfile");
$dbh->{sqlite_unicode} = 1;
my $sth = $dbh->prepare(
'insert into users (id, name, gender, phone, passphrase) v
+alues (?,?,?,?,?)'
);
$sth->execute(
sprintf('%08d', rand(100_000_000)),
$req->parameters->get('name'),
$req->parameters->get('gender'),
$req->parameters->get('phone'),
Authen::Passphrase::Argon2->new(
passphrase => $req->parameters->get('passphrase'),
salt => urandom(16),
cost => 1,
factor => '4096M',
parallelism => 4,
size => 16,
)->hash
);
return $req->new_response(
HTTP_CREATED, ['Content-Type' => 'text/plain'], ['done']
)->finalize;
} else {
return $req->new_response(HTTP_METHOD_NOT_ALLOWED)->finalize;
}
};
