NAME
Dancer::Plugin::Authorize - Dancer Authentication, Security and Role-Based Access Control Framework!
VERSION
version 0.02
SYNOPSIS
post '/login' => sub {
if (auth(params->{user}, params->{pass})) {
if (auth_asa('guest')) {
...
}
if (auth_can('manage_accounts', 'create')) {
...
}
}
else {
print auth_err;
}
};Note! The authentication framework relies heavily on your choosen session engine, please remember to set that appropiately in your application configuration file.
DESCRIPTION
Dancer::Plugin::Authorize is an authentication framework and role-based access control system. As a role-based access control system Dancer::Plugin::Authorize can be complex but will give you the most flexibilty over all other access control methodologies.
Mainly under the Authorize plugin section in the configuration file you'll have a keyword which defines all the authentication information needed for that particular authentication scheme, this keyword exists solely to accomidate use-cases where multiple authentication schemes are needed. e.g. an application may need to authenticate different types of users differents, i.e. users may need LDAP authentication and customers may need DBIC authentication. etc.
Dancer::Plugin::Authorize then creates the following functions using your keywords:
$keyword = 'foo';
foo() # authentication function
foo_asa($role) # check if the authenticated user has the specified role
foo_can($operation, $action) # check if the authenticated user has permission
# to perform a specific action
foo_err() # authentication errors The Dancer::Plugin::Authorize authentication framework relies on the Dancer::Plugin::Authorize::Credentials namespace to do the actual authentication, and likewise relies on the Dancer::Plugin::Authorize::Permissions namespace to handle access control.
CONFIGURATION
plugins:
Authorize:
auth: # keyword allows one to setup multiple authentication schemes
credentials:
class: Config
options:
... # options are determined by the requirements of the credentials class
... e.g.
accounts:
user01:
password: foobar
roles:
- guest
- user
user02:
password: barbaz
roles:
- admin
permissions:
class: Config
options:
... # options are determined by the requirements of the permissions class
... e.g.
control:
admin:
permissions:
manage accounts:
operations:
- view
- create
- update
- delete
user:
permissions:
manage accounts:
operations:
- view
- create
guests:
permissions:
manage accounts:
operations:
- viewAUTHOR
Al Newkirk <awncorp@cpan.org>
COPYRIGHT AND LICENSE
This software is copyright (c) 2010 by awncorp.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.