Changes for version 0.40 - 2015-04-30
- ENHANCEMENTS
- Login handlers go straight to homepage if user was already logged in (thanks to @colinmkeith, GH-32)
- Kwalitee improvements from Michael Gray (mjg17) as part of the awesome pull request challenge (GH-43, GH-44, GH-45, GH-46)
- SECURITY
- Ensure the username and password we got were straight scalars, to avoid potential for "JSON SQL injection" if they came from a deserialised JSON POST body, and contained a hashref that, if fed to e.g. SQL::Abstract or such, would cause a different query to what we'd expect.
Modules
extensible authentication framework for Dancer apps
base class for authentication providers
example auth provider using app config
authenticate via a database
example authentication provider
authenticate *nix system accounts