Nik Ogura > CGI-Lazy-1.09 > CGI::Lazy::Authn

Download:
Lazy/CGI-Lazy-1.09.tar.gz

Dependencies

Annotate this POD

View/Report Bugs
Source   Latest Release: CGI-Lazy-1.10

LEGAL ^

#===========================================================================

Copyright (C) 2008 by Nik Ogura. All rights reserved.

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

Bug reports and comments to nik.ogura@gmail.com.

#===========================================================================

NAME ^

CGI::Lazy::Authn

SYNOPSIS ^

        use CGI::Lazy;

        my $q = CGI::Lazy->new({

                        tmplDir         => '/templates',

                        jsDir           => '/js',

                        cssDir          => '/css',

                        imgDir          => '/css',

                        buildDir        => '/tmp',

                        plugins         => {

                                        dbh     => {

                                                dbDatasource    => 'dbi:mysql:somedb:localhost',

                                                dbUser          => 'luser',

                                                dbPasswd        => 's3cr3t',

                                                dbArgs          => {RaiseError  => 1},

                                        },

                                        session => {

                                                sessionTable    => 'session',

                                                sessionCookie   => 'frobnitz',

                                                saveOnDestroy   => 1,

                                                expires         => '+15m',

                                        },

                                        authn   => {

                                                table           => 'user',

                                                primarykey      => 'user_id',

                                                template        => 'login.tmpl',

                                                salt            => '234998fhgsldkj#$^',

                                                userField       => 'username',

                                                passwdField     => 'password',

                                                activeField     => 'active',

                                                extraFields     => {

                                                        country => country,

                                                }

                                        },
                        },

        });


        return unless $q->authn->check;

DESCRIPTION ^

CGI::Lazy Authentication module. Draws much of its inspiration from CGI::Auth. Put the $q->authn->check call in your CGI, if theres a current authenticated session, it will return true. If not, it will print the login template specified and return false.

The intended minimum database structure is as follows:

        create table user (user_id int(10) unsigned not null auto_increment primary key, username varchar(50), password(varchar(25), active bool);  #mysql

CONFIGURATION

Required Arguments:

        table           => 'table_name',                #name of user table     

        primarykey      => 'field_name',                #name of primary key field on above table.

        template        => 'login.tmpl',                #name of template for logins

        salt            => 'asdf9234ml@#4234',          #unique identifying string for this application.  Passwords are stored as md5 hashes of $username.$passwd.$salt .

        userField       => 'username',                  #name of username field.  Defaults to 'username'

        passwdField     => 'password',                  #name of password field.  Defaults to 'password' needs to be varchar and at least 22 characters wide.

        activeField     => 'active',                    #name of field that flags a user as active.  Defaults to 'active'. Assumes '1' means active. 

Optional Arguments:

        extraFields     => {                            #any other fields you want to authenticate on.  If set, will authenticate on username, passwd, and every other field set here.

                webname         => fieldname,           #first value is the name of the web control, second is the name of the field in the db

                webname2        => fieldname2,

        }

METHODS ^

check

Call this in your cgi to check if an authenticated session is present. Returns 1 if session is valid, and authenticated. Returns 0 otherwise; If authentication fails, prints the login template.

passwdhash (username, password)

Takes username, password, and salt from config and generates hashed value for storage in the db.

username

The username

password

The cleartext password.

syntax highlighting: