NAME

Mojolicious::Plugin::Authentication - A plugin to make authentication a bit easier

VERSION

version 1.14

SYNOPSIS

use Mojolicious::Plugin::Authentication

$self->plugin('authentication' => {
    'session_key' => 'wickedapp',
    'load_user' => sub { ... },
    'validate_user' => sub { ... },
});

if ($self->authenticate('username', 'password')) {
    ... 
}

METHODS

authenticate($username, $password)

Authenticate will use the supplied load_user and validate_user subroutine refs to see whether a user exists with the given username and password, and will set up the session accordingly. Returns true when the user has been successfully authenticated, false otherwise.

user_exists

Returns true if an authenticated user exists, false otherwise.

user

Returns the user object as it was returned from the supplied 'load_user' subroutine ref.

logout

Removes the session data for authentication, and effectively logs a user out.

CONFIGURATION

The following options can be set for the plugin:

load_user (REQUIRED) A coderef for user loading (see USER LOADING) validate_user (REQUIRED) A coderef for user validation (see USER VALIDATION) session_key (optional) The name of the session key

In order to set the session expiry time, use the following in your startup routine:

$app->plugin('authentication', { ... }); $app->sessions->default_expiration(86400); # set expiry to 1 day $app->sessions->default_expiration(3600); # set expiry to 1 hour

USER LOADING

The coderef you pass to the load_user configuration key has the following signature:

sub { 
    my ($app, $uid) = @_;
    ...
    return $user;
}

The uid is the value that was originally returned from the validate_user coderef. You must return either a user object (it can be a hashref, arrayref, or a blessed object) or undef.

USER VALIDATION

User validation is what happens when we need to authenticate someone. The coderef you pass to the validate_user configuration key has the following signatre:

sub {
    my ($app, $username, $password) = @_;
    ...
    return $uid;
}

You must return either a user id or undef. The user id can be numerical or a string. Do not return hashrefs, arrayrefs or objects, since the behaviour of this plugin could get a little bit on the odd side of weird.

EXAMPLES

For a code example using this, see the t/01-functional.t test, it uses Mojolicious::Lite and this plugin.

ROUTING VIA CONDITION

This plugin also exports a routing condition you can use in order to limit access to certain documents to only authenticated users.

$r->route('/foo')->over(authenticated => 1)->to('mycontroller#foo');

my $authenticated_only = $r->route('/members')->over(authenticated => 1)->to('members#index');
$authenticated_only->route('online')->to('members#online');

If someone is not authenticated, these routes will not be considered by the dispatcher and unless you have set up a catch-all route, a 404 Not Found will be generated instead.

ROUTING VIA BRIDGE

If you want to be able to send people to a login page, you will have to use the following:

my $members_only = $r->route('/members')->to(cb => sub {
    my $self = shift;

    $self->redirect_to('/login') and return 0 unless($self->user_exists);
    return 1;
});

$members_only->route('online')->to('members#online');

AUTHOR

Ben van Staveren, <madcat at cpan.org>

BUGS / CONTRIBUTING

Please report any bugs or feature requests through the web interface at https://github.com/benvanstaveren/mojolicious-plugin-authentication/issues.

SUPPORT

You can find documentation for this module with the perldoc command.

perldoc Mojolicious::Plugin::Authentication

You can also look for information at:

AnnoCPAN: Annotated CPAN documentation

http://annocpan.org/dist/Mojolicious-Plugin-Authentication
CPAN Ratings

http://cpanratings.perl.org/d/Mojolicious-Plugin-Authentication
Search CPAN

http://search.cpan.org/dist/Mojolicious-Plugin-Authentication/

ACKNOWLEDGEMENTS

Andrew Parker - For pointing out some bugs that crept in; a silent reminder not to code while sleepy

Mirko Westermeier (memowe) - For doing some (much needed) code cleanup

LICENSE AND COPYRIGHT

This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.

See http://dev.perl.org/licenses/ for more information.

To install Mojolicious::Plugin::Authentication, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Mojolicious::Plugin::Authentication

CPAN shell

perl -MCPAN -e shell
install Mojolicious::Plugin::Authentication

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)