NAME
Dancer::Plugin::Authorize - Dancer Authentication, Security and Role-Based Access Control Framework!
VERSION
version 0.1110
SYNOPSIS
post '/login' => sub {
my $auth = auth(params->{user}, params->{pass});
if (! $auth->errors) {
if ($auth->asa('guest')) {
...
}
if ($auth->can('manage_accounts', 'create')) {
...
}
}
else {
print $auth->errors;
}
};
Note! The authentication framework relies heavily on your choosen session engine, please remember to set that appropiately in your application configuration file.
DESCRIPTION
Dancer::Plugin::Authorize is an authentication framework and role-based access control system. As a role-based access control system Dancer::Plugin::Authorize can be complex but will give you the most flexibilty over all other access control philosophies.
The Dancer::Plugin::Authorize plugin provides your application with the ability to easily authenticate and restrict access to specific users and groups by providing a tried and tested RBAC (role-based access control) system. Dancer::Plugin::Authorize provides this level of sophistication with minimal configuration.
Dancer::Plugin::Authorize exports the auth() keyword:
$auth = auth($login, $pass) # new authorization instance
$auth->asa($role) # check if the authenticated user has the specified role
$auth->can($operation) # check if the authenticated user has permission
$auth->can($operation, $action) # to perform a specific action
$auth->roles(@roles) # get or set roles for the current logged in user
$auth->errors() # authentication errors if any
$auth->revoke() # revoke authorization (logout)
The Dancer::Plugin::Authorize authentication framework relies on the Dancer::Plugin::Authorize::Credentials namespace to do the actual authentication, and likewise relies on the Dancer::Plugin::Authorize::Permissions namespace to handle access control. The following configuration example is based on Dancer::Plugin::Authorize::Credentials::Config and Dancer::Plugin::Authorize::Permissions::Config. This framework also ship with Dancer::Plugin::Authorize::Credentials::SQLite, Dancer::Plugin::Authorize::Credentials::MySQL, Dancer::Plugin::Authorize::Credentials::PostrgeSQL which are arguably easier to setup and utilize.
CONFIGURATION
plugins:
Authorize:
credentials:
class: Config
options:
accounts:
user01:
password: foobar
roles:
- guest
- user
user02:
password: barbaz
roles:
- admin
permissions:
class: Config
options:
control:
admin:
permissions:
manage accounts:
operations:
- view
- create
- update
- delete
user:
permissions:
manage accounts:
operations:
- view
- create
guests:
permissions:
manage accounts:
operations:
- view
AUTHOR
Al Newkirk <awncorp@cpan.org>
COPYRIGHT AND LICENSE
This software is copyright (c) 2010 by awncorp.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.