use MyLibrary::Auth::Basic; # create a new authentication object my $auth = MyLibrary::Auth::Basic->new(); my $auth = MyLibrary::Auth::Basic->new(sessid => $sessid); # access session attributes my $sessid = $auth->sessid(); my $status = $auth->status(); my $username = $auth->username(); # authenticate my $return_code = $auth->authenticate(username => 'user', password => 'password'); # place session cookie $auth->place_cookie(); # remove session cookie $auth->remove_cookie(); # close a session $auth->close_session();
This method of authentication uses an internal mechanism to MyLibrary, with a simply encryption scheme. The user credentials are stored within the MyLibrary database structure. Users are required to create their own usernames and passwords, and are thus required to memorize them separately from any institutional authentication system. Changing the username and password is handled via the Patron.pm API.
This is the constructor for the class. It creates an object with a default set of attributes if no session id is supplied, and initializes the attributes according to session data previously saved if a session id is supplied. This object uses encapsulated data, so the only means to manipulate session variables is via the supplied API. This is done for security reasons and to help maintain data integrity.
# create a new auth object my $auth = MyLibrary::Auth->new(); # create an auth object based upon session id my $auth = MyLibrary::Auth->new(sessid => $sessid);
Get the session id for the current auth object. This method cannot set the session id, only retrieve it.
# get the session id my $sessid = $auth->sessid();
Retrieve the status for this session. There are several status indicators based upon whether or not the user was able to successfully authenticate or is in the process of authentication. The state of authentication status can only be changed internal to the object itself.
# status info my $status = $auth->status();
The username is the name entered for authentication purposes and is retained throughout the life of the session. This is used to identify who the last person was to authenticate from the host where authentication was initiated.
# username my $username = $auth->username();
This method will return a header used to place a cookie with the browser initiating the authentication request.
# place a cookie my $place_cookie_header = $auth->place_cookie();
This method return a header that will delete a cookie from the browser for the current session. This usually occurs when the user indicate that they would like their session terminated.
# delete a cookie my $remove_cookie_header = $auth->remove_cookie();
This method is used to simply receive a message as a return value indicating the status of an authentication attempt. The two required parameters are username and password. If either of these is not present, then the method will return an error message.
# authenticate my $return_code = $auth->authenticate(username => 'joe', password => 'password');
This method will delete the session object from the database, and it will no longer be accessible using the session id.
# close the session $auth->close_session()
For more information, see the MyLibrary home page: http://dewey.library.nd.edu/mylibrary/.
Robert Fox <email@example.com>