Doorman::Manual

Doorman is a collection of PSGI middlewares that are designed to perform authentication jobs. It stores authentication info in the session or env, you just configure it properly.

Chaining multiple Doorman middlewares

Your PSGI app can enable multiple doorman authentication middlewares to allow your app visitor to sign in with one of them.

enable "DoormanAuthentication", authenticator => \&my_authenticator;
enable "DoormanOpenID";

When it is about to authenticae the session, Doorman middlewares are all implemented following these policies:

1. If all the required parameters are missing, skip.
2. Otherwise, perform the real authentication event though it is likely to fail
3. If it does fail, store the error status and message in C<$env>

The authentication chain is iterated in the same order you specify in the code.

Depending on your sign-in form design, you may choose to have multiple forms for each authentication method, or you may design to have one big form with all credential fields, say, username, password, and openid. Visitors either fill openid, or username and password, or maybe all of them.

If so, it is recommended that you put DoormanOpenID at the end, for the response of POSTing a openid URL, is to perform a redirect to openid server. The original username and password will be missing by the time it is redirected back from the openid server.

For example code that facilitate chaining, see examples/openid-with-local.psgi in the distribution tarball.