יובל קוג'מן (Yuval Kogman) > Catalyst-Plugin-Authentication-Credential-HTTP-0.08 > Catalyst::Plugin::Authentication::Credential::HTTP

Download:
Catalyst-Plugin-Authentication-Credential-HTTP-0.08.tar.gz

Dependencies

Annotate this POD

CPAN RT

Open  0
View/Report Bugs
Module Version: 0.08   Source   Latest Release: Catalyst-Plugin-Authentication-Credential-HTTP-0.13

NAME ^

Catalyst::Plugin::Authentication::Credential::HTTP - HTTP Basic and Digest authentication for Catalyst.

SYNOPSIS ^

    use Catalyst qw/
        Authentication
        Authentication::Store::Moose
        Authentication::Credential::HTTP
    /;

    __PACKAGE__->config->{authentication}{http}{type} = 'any'; # or 'digest' or 'basic'
    __PACKAGE__->config->{authentication}{users} = {
        Mufasa => { password => "Circle Of Life", },
    };

    sub foo : Local {
        my ( $self, $c ) = @_;

        $c->authorization_required( realm => "foo" ); # named after the status code ;-)

        # either user gets authenticated or 401 is sent

        do_stuff();
    }

    # with ACL plugin
    __PACKAGE__->deny_access_unless("/path", sub { $_[0]->authenticate_http });

    sub end : Private {
        my ( $self, $c ) = @_;

        $c->authorization_required_response( realm => "foo" );
        $c->error(0);
    }

DESCRIPTION ^

This moduule lets you use HTTP authentication with Catalyst::Plugin::Authentication. Both basic and digest authentication are currently supported.

METHODS ^

authorization_required %opts

Tries to authenticate_http, and if that fails calls authorization_required_response and detaches the current action call stack.

This method just passes the options through untouched.

authenticate_http %opts

Looks inside $c->request->headers and processes the digest and basic (badly named) authorization header.

This will only try the methods set in the configuration.

See the next two methods for what %opts can contain.

authenticate_basic %opts
authenticate_digest %opts

Try to authenticate one of the methods without checking if the method is allowed in the configuration.

%opts can contain store (either an object or a name), user (to disregard %the username from the header altogether, overriding it with a username or user %object).

authorization_required_response %opts

Sets $c->response to the correct status code, and adds the correct header to demand authentication data from the user agent.

Typically used by authorization_required, but may be invoked manually.

%opts can contain realm, domain and algorithm, which are used to build %the digest header.

store_digest_authorization_nonce $key, $nonce
get_digest_authorization_nonce $key

Set or get the $nonce object used by the digest auth mode.

You may override these methods. By default they will call get and set on $c->cache.

CONFIGURATION ^

All configuration is stored in YourApp->config->{authentication}{http}.

This should be a hash, and it can contain the following entries:

store

Either a name or an object -- the default store to use for HTTP authentication.

type

Can be either any (the default), basic or digest.

This controls authorization_required_response and authenticate_http, but not the "manual" methods.

AUTHORS ^

Yuval Kogman, nothingmuch@woobling.org

Jess Robinson

Sascha Kiefer esskar@cpan.org

COPYRIGHT & LICENSE ^

        Copyright (c) 2005-2006 the aforementioned authors. All rights
        reserved. This program is free software; you can redistribute
        it and/or modify it under the same terms as Perl itself.
syntax highlighting: