Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Authentication framework for Dancer-based web applications

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 example
Octocat-spinner-32 lib
Octocat-spinner-32 t
Octocat-spinner-32 .travis.yml
Octocat-spinner-32 Changes
Octocat-spinner-32 MANIFEST
Octocat-spinner-32 Makefile.PL
Octocat-spinner-32 README
Octocat-spinner-32 TODO.pod
Octocat-spinner-32 ignore.txt
README
NAME
    Dancer::Plugin::Auth::Extensible - extensible authentication framework
    for Dancer apps

SYNOPSIS
    Configure the plugin to use the authentication class you wish to use.

    See for example Dancer::Plugin::Auth::Extensible::Provider::Database.

        plugins:
            auth:
                extensible:
                    provider: Example

    Define that a user must be logged in to access a route:

        get '/secret' => sub :RequireRole(Confidant) { tell_secrets(); };

    Define that a user must be logged in to access a route - and find out
    who is logged in with the `logged_in_user' keyword:

        get '/users' => sub :RequireLogin {
            my $user = logged_in_user;
            return "Hi there, $user->{username}";
        };

Controlling access to routes
    Subroutine attributes are used to indicate that a route requires a
    login, or a specific role.

    Multiple roles can easily be provided as a space-separated list, for
    example:

        get '/user/:user_id' => sub :RequireRole(Admin TeamLeader) {
            ...
        };

    If you only care that the user be logged in, use the RequireLogin
    attribute instead:

        get '/dashboard' => sub :RequireLogin { .... };

    If the user is not logged in, the `login_needed' hook will fire; code
    using that hook can return a redirect to a login page URL, or generate
    and return a login page.

    If no hook issues a redirection or response, the default is to output a
    simple built-in login page, allowing you to immediately start using this
    framework.

    Similarly, if the user is logged in, but does not have a suitable role,
    the `permission_denied' hook will fire; code using that hook can return
    a redirect or a response. If no code does so, a default "permission
    denied" response will be issued.

  Keywords
    logged_in_user
        Returns a hashref of details of the currently logged-in user, if
        there is one.

        The details you get back will depend upon the authentication
        provider in use.

    user_has_role
        Check if a user has the role named.

        By default, the currently-logged-in user will be checked, so you
        need only name the role you're looking for:

            if (user_has_role('BeerDrinker')) { pour_beer(); }

        You can also provide the username to check;

            if (user_has_role($user, $role)) { .... }

BUGS / FEATURE REQUESTS
    This is an early version; there may still be bugs present or features
    missing.

    This is developed on GitHub - please feel free to raise issues or pull
    requests!

ACKNOWLEDGEMENTS
LICENSE AND COPYRIGHT
    Copyright 2012 David Precious.

    This program is free software; you can redistribute it and/or modify it
    under the terms of either: the GNU General Public License as published
    by the Free Software Foundation; or the Artistic License.

    See http://dev.perl.org/licenses/ for more information.

Something went wrong with that request. Please try again.