NAME

CGI::Application::Plugin::Authentication::Display - Generate bits of HTML needed for authentication

DESCRIPTION

The purpose of this code is to keep display code away from the back-end of authentication management. It is an abstract base class and must be used in conjunction with derived classes. Those derived classes can be used in an number of ways:

  • The subclass CGI::Application::Plugin::Authentication::Display::Classic is provided to ensure backwards compatibility with the old code. It has the advantage of working out of the box but still retaining flexibility.

  • The subclass CGI::Application::Plugin::Authentication::Display::Basic is provided to ensure XHTML compliance and to leave styling to CSS style-sheets.

  • You can handle all the HTML side yourself in which case this code is not even loaded.

  • You can use derived classes in templates that have dot support, which keeps the display code close to the templates. This has other advantages. For example one can use the enforce_protection method to mark a template as being only viewable after authentication. A number of other methods can be called from the template that provide information about the authentication status.

METHODS

new

The constructor must be passed the CGI::Application object as the first non-object argument. This allows derived modules to access the authentication information.

login_box

This method will return the HTML for a login box that can be embedded into another page. This is the same login box that is used in the default authen_login runmode that the plugin provides.

This function is not implemented in this module. One must use a derived class with an appropriate implementation of this function.

logout_form

This returns the simple bit of HTML need to have a logout button. The form has '/?authen_logout=1' as the action but of course this can be changed in derived modules.

enforce_protection

This method is useful when the class is being used in templates to mark a certain template as for authenticated eyes only. So in HTML::Template::Plugin::Dot one might have

<TMPL_VAR NAME="authen.enforce_protection">

and one must set authen to one of these objects via the HTML::Template::param method. If authenticated it will resolve to a simple string, otherwise it will croak.

login_title

This returns the TITLE parameter from the LOGIN_FORM section of the config.

is_authenticated

username

last_login

last_access

is_login_timeout

login_attempts

These methods all provide access to the cognate methods on the authentication object. They are provided as templates might find them expressive.

BUGS

This is alpha software and as such, the features and interface are subject to change. So please check the Changes file when upgrading.

SEE ALSO

CGI::Application, perl(1)

AUTHOR

Author: Cees Hek <ceeshek@gmail.com>; Co-maintainer: Nicholas Bamber <nicholas@periapt.co.uk>.

CREDITS

Thanks to SiteSuite (http://www.sitesuite.com.au) for funding the development of this plugin and for releasing it to the world.

Thanks to Christian Walde for suggesting changes to fix the incompatibility with CGI::Application::Plugin::ActionDispatch and for help with github.

LICENCE AND COPYRIGHT

Copyright (c) 2005, SiteSuite. All rights reserved. Copyright (c) 2010, Nicholas Bamber. All rights reserved.

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

DISCLAIMER OF WARRANTY

BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.