NAME
Scaffold::Uaf::Authenticate - An Basic Authentication Framework
DESCRIPTION
This mixin is responsible for authenicating, and creating the User object. This module should be overridden and extended as needed by your application.
This module understands the following config settings:
uaf_cookie_path - The path for the security token, defaults to "/"
uaf_cookie_domain - The cookie domain, not currently used
uaf_cookie_secure - Wither the cookie should only be used with SSL
uaf_limit - the limit on login attempts, defaults to 3
uaf_timeout - the timeout for the session, defaults to 3600
uaf_secret - the value to use as a "salt" when encrypting
uaf_filter - the url filter to use, defaults to /^{app_rootp}\/(login|static).*/
uaf_login_title - title for the login page, defaults to 'Please Login"
uaf_login_wrapper - the wrapper for the login page, defaults to "wrapper.tt"
uaf_login_template - the template for the login page, defaults to "uaf_login.tt"
uaf_denied_title - title for the denied page, defaults to "Login Denied"
uaf_denied_wrapper - the wrapper for the denied page, defaults to "wrapper.tt"
uaf_denied_template - the template for the denied page, defaults to "uaf_denied.tt"
uaf_logout_title - title for the logout page, default to "Logout"
uaf_logout_wrapper - the wrapper for the logout page, defaults to "wrapper.tt"
uaf_logout_template - the template for the logout page, defaults to "uaf_logout.tt"
METHODS
- uaf_is_valid
-
This method is used to authenticate the current session. The default authentication behaviour is based on security tokens. A token is storeed within the session store and a token is retireved from a cookie. If the two match, the session is condsidered autheticate. When the session is authenticated an User object is returned.
- uaf_validate
-
This method handles the validation of the current session. It accepts two parameters. They are a username and password. When the session is validated, an User object is created and returned. The default validate() method only knows about "admin" and "demo" users, with default passwords of "admin" and "demo". This method should be overridden to refelect your applications Users datastore and validation policy.
- uaf_invalidate
-
This method will invalidate the current session. You may wish to override this method. By default it removes the User object form the session store, removes the secuity token from the session store and removes the security cookie.
- uaf_set_token
-
This method creates the security token. It is passed the User object. The default action is to create a token using parts of the User object and random data. This token is then stored in the session store and sent to the browser as a cookie.
- uaf_avoid
-
Some application may wish to implement an avoidence scheme for certain situations. This is a hook to allow that to happen. The default action is to do nothing.
- uaf_check_credentials
-
Check the username and password for validity.
ACCESSORS
These accessors return the corresponding config items.
- uaf_filter
- uaf_limit
- uaf_timeout
- uaf_secret
- uaf_filter
- uaf_login_rootp
- uaf_denied_rootp
- uaf_login_title
- uaf_login_wrapper
- uaf_login_template
- uaf_denied_title
- uaf_denied_wrapper
- uaf_denied_template
- uaf_logout_title
- uaf_logout_wrapper
- uaf_logout_template
SEE ALSO
Scaffold
Scaffold::Base
Scaffold::Cache
Scaffold::Cache::FastMmap
Scaffold::Cache::Manager
Scaffold::Cache::Memcached
Scaffold::Class
Scaffold::Constants
Scaffold::Engine
Scaffold::Handler
Scaffold::Handler::Default
Scaffold::Handler::Favicon
Scaffold::Handler::Robots
Scaffold::Handler::Static
Scaffold::Lockmgr
Scaffold::Lockmgr::KeyedMutex
Scaffold::Lockmgr::UnixMutex
Scaffold::Plugins
Scaffold::Render
Scaffold::Render::Default
Scaffold::Render::TT
Scaffold::Server
Scaffold::Session::Manager
Scaffold::Stash
Scaffold::Stash::Controller
Scaffold::Stash::Cookie
Scaffold::Stash::View
Scaffold::Uaf::Authenticate
Scaffold::Uaf::AuthorizeFactory
Scaffold::Uaf::Authorize
Scaffold::Uaf::GrantAllRule
Scaffold::Uaf::Login
Scaffold::Uaf::Logout
Scaffold::Uaf::Manager
Scaffold::Uaf::Rule
Scaffold::Uaf::User
Scaffold::Utils
AUTHOR
Kevin L. Esteb <kesteb@wsipc.org>
COPYRIGHT AND LICENSE
Copyright (C) 2007 Kevin L. Esteb
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.8 or, at your option, any later version of Perl 5 you may have available.