package Catalyst::ActionRole::RequireSSL;
$Catalyst::ActionRole::RequireSSL::VERSION = '1.00';
use Moose::Role;
with 'Catalyst::ActionRole::RequireSSL::Role';
use namespace::autoclean;
=head1 NAME
Catalyst::ActionRole::RequireSSL - Force an action to be secure only.
=head1 VERSION
version 1.00
=head1 SYNOPSIS
package MyApp::Controller::Foo;
use parent qw/Catalyst::Controller::ActionRole/;
sub bar : Local Does('RequireSSL') { ... }
sub bar : Local Does('NoSSL') { ... }
=head2 HIERARCHY
You can chain the SSL Roles to allow for enforced combinations such as all
secure apart from a certain action and vice versa. See the tests to see this
in action.
=cut
around execute => sub {
my $orig = shift;
my $self = shift;
my ($controller, $c) = @_;
unless(defined $c->config->{require_ssl}->{disabled}) {
$c->config->{require_ssl}->{disabled} =
$c->engine->isa("Catalyst::Engine::HTTP") ? 1 : 0;
}
#use Data::Dumper;warn Dumper($c->action);
if (!$c->req->secure && $c->req->method eq "POST"
&& !$c->config->{require_ssl}->{ignore_on_post})
{
$c->error("Cannot secure request on POST")
}
unless(
$c->config->{require_ssl}->{disabled} ||
$c->req->secure ||
$c->req->method eq "POST" ||
!$self->check_chain($c)
) {
my $uri = $c->req->uri->clone;
$uri->scheme('https');
$c->res->redirect( $uri, 301 );
$c->detach();
} else {
$c->log->warn("Would've redirected to SSL")
if $c->config->{require_ssl}->{disabled} && $c->debug;
$self->$orig( @_ );
}
};
1;
=head1 AUTHOR
Simon Elliott <cpan@papercreatures.com>
=head1 THANKS
Andy Grundman, <andy@hybridized.org> for the original RequireSSL Plugin
t0m (Tomas Doran), zamolxes (Bogdan Lucaciu), wreis (Wallace Reis)
=head1 COPYRIGHT & LICENSE
Copyright 2009 by Simon Elliott
This program is free software; you can redistribute it and/or modify it under
the same terms as Perl itself.