NAME

Ado::Plugin::Auth - Authenticate users

SYNOPSIS

#in ado.${\$app->mode}.conf
plugins =>[
  #...
  {name => 'auth', config => {
      auth_methods =>['ado', 'facebook',...],
      routes => [...]
    }
  }
  #...
]

DESCRIPTION

Ado::Plugin::Auth is a plugin that authenticates users to an Ado system. Users can be authenticated locally or using (TODO!) Facebook, Google, Twitter and other authentication service-providers.

OPTIONS

The following options can be set in etc/ado.conf. You can find default options in etc/plugins/auth.conf.

auth_methods

This option will enable the listed methods (services) which will be used to authenticate a user. The services will be listed in the specified order in the partial template authbar.html.ep that can be included in any other template on your site.

#in ado.${\$app->mode}.conf
plugins =>[
  #...
  {name => 'auth', config => {
      auth_methods =>['ado', 'facebook',...]
    }
  }
  #...
]

CONDITIONS

Ado::Plugin::Auth provides the following conditions to be used by routes. To find more about conditions read "Conditions" in Mojolicious::Guides::Routing.

authenticated

Condition for routes used to check if a user is authenticated. Additional parameters can be passed to specify the preferred authentication method to be preselected in the login form if condition redirects to /login/:auth_method.

# add the condition programatically
$app->routes->route('/ado-users/:action', over => {authenticated=>1});
$app->routes->route('/ado-users/:action', 
  over => [authenticated => 1, authz => {group => 'admin'}]
);

#in ado.conf or ado.${\$app->mode}.conf
routes => [
  #...
  {
    route => '/ado-users/:action:id',
    via   => [qw(PUT DELETE)],
    
    # only authenticated users can edit and delete users,
    # and only if they are authorized to do so
    over => [authenticated => 1, authz => {group => 'admin'}],
    to =>'ado-users#edit'
  }
],

ingroup

Checks if a user is in the given group. Returns true or false

# in etc/routes.conf or etc/fooplugin.conf
{
  route => '/vest', 
  via => ['GET'], 
  to => 'vest#screen', 
  over => {authenticated => 1, ingroup => 'foo'},
}
# programatically
$app->routes->route('/ado-users/:action', over => {ingroup => 'foo'});

HELPERS

Ado::Plugin::Auth provides the following helpers for use in Ado::Control methods and templates.

ROUTES

Ado::Plugin::Auth provides the following routes (actions):

/login

/login/:auth_method

If accessed using a GET request displays a login form. If accessed via POST performs authentication using :auth_method.

/logout

Expires the session and redirects to the base URL.

$c->logout();

TEMPLATES

Ado::Plugin::Auth embeds the following templates. You can run ado inflate and modify them. Usage examples can be found at http://localhost:3000 after starting ado.

partials/authbar.html.ep

Renders a menu dropdown for choosing methods for signing in.

partials/login_form.html.ep

Renders a Login form.

login.html.ep

Renders a page containing the login form.

METHODS

Ado::Plugin::Auth inherits all methods from Ado::Plugin and implements the following new ones.

register

This method is called by $app->plugin. Registers the plugin in Ado application and merges authentication configuration from $MOJO_HOME/etc/ado.conf with settings defined in $MOJO_HOME/etc/plugins/auth.conf. Authentication settings defined in ado.conf will overwrite those defined in plugins/auth.conf.

TODO

The following authentication methods are in the TODO list: facebook, linkedin, google. Others may be added later.

SEE ALSO

Ado::Plugin, Ado::Manual::Plugins, Mojolicious::Plugins, Mojolicious::Plugin, "Conditions" in Mojolicious::Guides::Routing

SPONSORS

The original author

AUTHOR

Красимир Беров (Krasimir Berov)

COPYRIGHT AND LICENSE

Copyright 2014 Красимир Беров (Krasimir Berov).

This program is free software, you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License v3 (LGPL-3.0). You may copy, distribute and modify the software provided that modifications are open source. However, software that includes the license may release under a different license.

See http://opensource.org/licenses/lgpl-3.0.html for more information.