NAME
Ado::Plugin::Auth - Authenticate users
SYNOPSIS
#in ado.${\$app->mode}.conf
plugins =>[
#...
{name => 'auth', config => {
auth_methods =>['ado', 'facebook',...],
routes => [...]
}
}
#...
]
DESCRIPTION
Ado::Plugin::Auth is a plugin that authenticates users to an Ado system. Users can be authenticated locally or using (TODO!) Facebook, Google, Twitter and other authentication service-providers.
OPTIONS
The following options can be set in etc/ado.conf
. You can find default options in etc/plugins/auth.conf
.
auth_methods
This option will enable the listed methods (services) which will be used to authenticate a user. The services will be listed in the specified order in the partial template authbar.html.ep
that can be included in any other template on your site.
#in ado.${\$app->mode}.conf
plugins =>[
#...
{name => 'auth', config => {
auth_methods =>['ado', 'facebook',...]
}
}
#...
]
CONDITIONS
Ado::Plugin::Auth provides the following conditions to be used by routes. To find more about conditions read "Conditions" in Mojolicious::Guides::Routing.
authenticated
Condition for routes used to check if a user is authenticated. Additional parameters can be passed to specify the preferred authentication method to be preselected in the login form if condition redirects to /login/:auth_method
.
# add the condition programatically
$app->routes->route('/ado-users/:action', over => {authenticated=>1});
$app->routes->route('/ado-users/:action',
over => [authenticated => 1, authz => {group => 'admin'}]
);
#in ado.conf or ado.${\$app->mode}.conf
routes => [
#...
{
route => '/ado-users/:action:id',
via => [qw(PUT DELETE)],
# only authenticated users can edit and delete users,
# and only if they are authorized to do so
over => [authenticated => 1, authz => {group => 'admin'}],
to =>'ado-users#edit'
}
],
ingroup
Checks if a user is in the given group. Returns true or false
# in etc/routes.conf or etc/fooplugin.conf
{
route => '/vest',
via => ['GET'],
to => 'vest#screen',
over => {authenticated => 1, ingroup => 'foo'},
}
# programatically
$app->routes->route('/ado-users/:action', over => {ingroup => 'foo'});
HELPERS
Ado::Plugin::Auth provides the following helpers for use in Ado::Control methods and templates.
ROUTES
Ado::Plugin::Auth provides the following routes (actions):
/login
/login/:auth_method
If accessed using a GET
request displays a login form. If accessed via POST
performs authentication using :auth_method
.
/logout
Expires the session and redirects to the base URL.
$c->logout();
TEMPLATES
Ado::Plugin::Auth embeds the following templates. You can run ado inflate
and modify them. Usage examples can be found at http://localhost:3000 after starting ado.
partials/authbar.html.ep
Renders a menu dropdown for choosing methods for signing in.
partials/login_form.html.ep
Renders a Login form.
login.html.ep
Renders a page containing the login form.
METHODS
Ado::Plugin::Auth inherits all methods from Ado::Plugin and implements the following new ones.
register
This method is called by $app->plugin
. Registers the plugin in Ado application and merges authentication configuration from $MOJO_HOME/etc/ado.conf
with settings defined in $MOJO_HOME/etc/plugins/auth.conf
. Authentication settings defined in ado.conf
will overwrite those defined in plugins/auth.conf
.
TODO
The following authentication methods are in the TODO list: facebook, linkedin, google. Others may be added later.
SEE ALSO
Ado::Plugin, Ado::Manual::Plugins, Mojolicious::Plugins, Mojolicious::Plugin, "Conditions" in Mojolicious::Guides::Routing
SPONSORS
The original author
AUTHOR
Красимир Беров (Krasimir Berov)
COPYRIGHT AND LICENSE
Copyright 2014 Красимир Беров (Krasimir Berov).
This program is free software, you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License v3 (LGPL-3.0). You may copy, distribute and modify the software provided that modifications are open source. However, software that includes the license may release under a different license.
See http://opensource.org/licenses/lgpl-3.0.html for more information.