NAME

Mojolicious::Plugin::Authentication - A plugin to make authentication a bit easier

VERSION

Version 0.01

SYNOPSIS

use Mojolicious::Plugin::Authentication
use Mojolicious::Plugin::Session;

$self->plugin('authentication' => {
    session => {
        'stash_key' => 'mojox-session',
    },
    'load_user' => sub { ... },
    'validate_user' => sub { ... },
});

if($self->authenticate('username', 'password')) {
    ... 
}

METHODS

authenticate($username, $password)

Authenticate will use the supplied load_user and validate_user subroutine refs to see whether a user exists with the given username and password, and will set up the session accordingly.
Returns true when the user has been successfully authenticated, false otherwise.

user_exists

Returns true if an authenticated user exists, false otherwise.

user

Returns the user object as it was returned from the supplied 'load_user' subroutine ref.

logout

Removes the session data for authentication, and effectively logs a user out.

session

Returns a hashref containing all session data. Changes made here are automatically committed when the request ends.

CONFIGURATION

You must supply 2 subroutines, namely 'load_user' and 'validate_user'. load_user is called when the plugin needs to load a user from the user store. It's done this way to give you maximum flexibility whilst making life a little easier in the long run. load_user is expected to return a valid user object/hash/array/thingamajig. validate_user is called from the authenticate module and is passed a username and password, and is expected to return either a user id or undef, depending on whether the user is logged in or not.

EXAMPLE

use Mojolicious::Lite;

plugin 'session' => { stash_key => 'session', store => 'dbi', expires_delta => 5 };
plugin 'authentication' => { 
    session_stash_key => 'session', 
    stash_key => 'auth', 
    load_user => sub {
        my $self = shift;
        my $uid = shift;
        # assume we have a db helper that also uses DBI
        my $sth = $self->db->prepare('SELECT * FROM user WHERE user_id = ?');
        $sth->execute($uid);
        if(my $res = $sth->fetchrow_hashref) {
            return $res;
        } else {
            return undef;
        }
    },
    validate_user => sub {
        my $self = shift;
        my $username = shift;
        my $password = shift;

        # assume we have a db helper that also uses DBI
        my $sth = $self->db->prepare('SELECT * FROM user WHERE username = ?');
        if(my $res = $sth->fetchrow_hashref) {
            my $salt = substr($res->{password}, 0, 2);
            if(crypt($password, $salt) eq $res->{password}) {
                return $res->{user_id};
            } else {
                return undef;
            }
        } else {
            return undef;
        }
    },
};

get '/foo' => sub {
    my $self = shift;

    if(!$self->user_exists) {
        $self->render(template => 'loginform');
    } else {
        $self->render(template => 'loggedin');
    }
};
get '/login' => sub {
    my $self = shift;
    my $u    = $self->req->param('username');
    my $p    = $self->req->param('password');

    if($self->authenticate($u, $p)) {
        $self->redirect_to('/foo');
    } else {
        $self->render(text => 'Invalid credentials');
    }
};

AUTHOR

Ben van Staveren, <madcat at cpan.org>

BUGS

Please report any bugs or feature requests to bug-mojolicious-plugin-authentication at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Mojolicious-Plugin-Authentication. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

CONTRIBUTING

If you want to contribute changes or otherwise involve yourself in development, feel free to fork the Mercurial repository from http://bitbucket.org/xirinet/mojolicious-plugin-authentication/.

SUPPORT

You can find documentation for this module with the perldoc command.

perldoc Mojolicious::Plugin::Authentication

You can also look for information at:

RT: CPAN's request tracker

http://rt.cpan.org/NoAuth/Bugs.html?Dist=Mojolicious-Plugin-Authentication
AnnoCPAN: Annotated CPAN documentation

http://annocpan.org/dist/Mojolicious-Plugin-Authentication
CPAN Ratings

http://cpanratings.perl.org/d/Mojolicious-Plugin-Authentication
Search CPAN

http://search.cpan.org/dist/Mojolicious-Plugin-Authentication/

ACKNOWLEDGEMENTS

LICENSE AND COPYRIGHT

This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.

See http://dev.perl.org/licenses/ for more information.

To install Mojolicious::Plugin::Authentication, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Mojolicious::Plugin::Authentication

CPAN shell

perl -MCPAN -e shell
install Mojolicious::Plugin::Authentication

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)