NAME

ASP4::RequestFilter - Filter incoming requests

SYNOPSIS

package My::MemberFilter;

use strict;
use warnings 'all';
use base 'ASP4::RequestFilter';
use vars __PACKAGE__->VARS;

sub run {
  my ($self, $context) = @_;
  
  if( $Session->{is_logged_in} )
  {
    # The user is logged in - we can ignore this request:
    return $Response->Declined;
  }
  else
  {
    # The user must authenticate first:
    $Session->{validation_errors} = { general => "You must log in first" };
    return $Response->Redirect("/login/");
  }# end if()
}

1;# return true:

Then, in your asp4-config.json:

{
  ...
  "web": {
    ...
    "request_filters": [
      {
        "uri_match":  "/regexp/to/(path|place).*?",
        "class"       "My::MemberFilter"
      },
      {
        "uri_match":  "/regexp/to/(some|other|area).*?",
        "class"       "My::OtherFilter"
      }
    ]
    ...
  },
  ...
}

DESCRIPTION

Subclass ASP4::RequestFilter to instantly apply rules to incoming requests.

These RequestFilters also work for testing via ASP4::API.

ABSTRACT METHODS

run( $self, $context )

IMPORTANT: Return -1 (or $Response->Declined) to allow the current RequestFilter to be ignored.

Returning anything else...

return $Response->Redirect("/unauthorized/");

...results in the termination of the current request right away.