NAME

Plack::Middleware::DoormanAuthentication - The generic authentication middleware.

SYNOPSIS

    use Plack::Request;
    use Plack::Builder;

    builder {
        enable "Session";
        enable "DoormanAuthentication", authenticator => sub {
            my ($self, $env) = @_;
            my $request = Plack::Request->new($env);
            return $request->param("username")
                if $request->param("username") eq "john" && $request->param("password") eq "secret";
        };

        sub {
            my $env = shift;
            my $doorman = $env->{'doorman.users.authentication'};
            my $current_username = $doorman->is_sign_in;

            ...
        }
    };

DESCRIPTION

This middleware is for doing generic authentication. In other words, it does not do the real authenticate at all, but merely just keep the authentication info that your (the developer) provide from the authenticator callback in the session.

OPTIONS

authenticator

This setting is mandatory, and it must be a CODEref callback that will be called once this middleware need to do the real authentication work.

Here's an simple example that only authenticate "john" with correct password:
```
    enable "DoormanAuthentication", authenticator => sub {
        my ($self, $env) = @_;
        my $request = Plack::Request->new($env);
        return $request->param("username")
            if $request->param("username") eq "john" && $request->param("password") eq "secret";
    };
```
The authenticator callback is called as a method of an instance of this middleware class, with the PSGI $env hash as its sole method parameter. For most web apps the authenticator checks certain form fields like the examples above. If the authenticator is based on request headers but not only form fields, it is still feasible by building a Plack::Request object from $env.

The authenticator callback should return a false value (0 or undef) when the sign-in request is not considered successful (eg, wrong password). It should return an id of some sort for your app code to latter retrieve user information from database. A numerical id or username might work.

The returned value of the authenticator callback is kept in the session and used to decide if current session is considered signed in.
scope

This setting is optional with default value "users", and useful if you need multiple roles to login in to your system.

For example, if you need "users" and "admins" roles to have different login session, you can achieve it by:
```
    enable "DoormanAuthentication", scope => "users";
    enable "DoormanAuthentication", scope => "admins";
```
For each scope, a path named after that scope is taken by DoormanAuthentication middleware as the end-points to perforam openid login.

By default, the following paths and HTTP methods are responded by this middleware:
```
    POST /users/sign_in
    GET  /users/sign_out
    GET  /users/openid_verified
```
For the "admins" scope, it'll add:
```
    POST /admins/sign_in
    GET  /admins/sign_out
    GET  /admins/openid_verified
```

METHODS

sign_in_path, sign_in_url

Returns a path, or full url, that is used to let user POST an openid url to sign in. It should be used as the value of "action" attribute of a form. For example, like in this form:
```
    my $doorman = $env->{'doorman.users.authentication'};

    my $sign_in_form = <<HTML5;
    <form method="POST" action="@{[ $doorman->sign_in_path ]}">
      <p>
        <label>Username</label>
        <input type="text" name="username" autofocus>
      </p>
      <p>
        <label>Password</label>
        <input type="password" name="password">
      </p>
      <p>
        <input type="submit" value="Sign In">
      </p>
    </form>
    HTML5
```
The form uses username and password as the name of the fields. Accordingly, the authenticator callback should be coded to authenticate users by those values. In other words, you must choose the field names that will be used to authenticate, and you need to properly code HTML and authenticator callback to put them together.
is_sign_in

Returns true if the current session is considered signed in.

In fact, it returns the return value of the authenticator callback. It is recommended that your authenticator callback returns a primary key to the authenticated user, and use that value to retrieve the user object from whatever backend database you use:
```
    my $app = sub {
        my $env = shift;
        my $doorman = $env->{'doorman.users.authentication'};

        my $current_user = MyModel::User->load( $doorman->is_sign_in );

        ...
    };
```
sign_out_path, sign_out_url

Returns a path that, when visited (GET), wipes out the signed in information from the session.

To install Doorman, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Doorman

CPAN shell

perl -MCPAN -e shell
install Doorman

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

SYNOPSIS

DESCRIPTION

OPTIONS

METHODS

Module Install Instructions