Nik Ogura > CGI-Lazy-1.09 > CGI::Lazy::Authn



Annotate this POD


New  1
Open  0
View/Report Bugs
Source   Latest Release: CGI-Lazy-1.10



Copyright (C) 2008 by Nik Ogura. All rights reserved.

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

Bug reports and comments to





        use CGI::Lazy;

        my $q = CGI::Lazy->new({

                        tmplDir         => '/templates',

                        jsDir           => '/js',

                        cssDir          => '/css',

                        imgDir          => '/css',

                        buildDir        => '/tmp',

                        plugins         => {

                                        dbh     => {

                                                dbDatasource    => 'dbi:mysql:somedb:localhost',

                                                dbUser          => 'luser',

                                                dbPasswd        => 's3cr3t',

                                                dbArgs          => {RaiseError  => 1},


                                        session => {

                                                sessionTable    => 'session',

                                                sessionCookie   => 'frobnitz',

                                                saveOnDestroy   => 1,

                                                expires         => '+15m',


                                        authn   => {

                                                table           => 'user',

                                                primarykey      => 'user_id',

                                                template        => 'login.tmpl',

                                                salt            => '234998fhgsldkj#$^',

                                                userField       => 'username',

                                                passwdField     => 'password',

                                                activeField     => 'active',

                                                extraFields     => {

                                                        country => country,




        return unless $q->authn->check;


CGI::Lazy Authentication module. Draws much of its inspiration from CGI::Auth. Put the $q->authn->check call in your CGI, if theres a current authenticated session, it will return true. If not, it will print the login template specified and return false.

The intended minimum database structure is as follows:

        create table user (user_id int(10) unsigned not null auto_increment primary key, username varchar(50), password(varchar(25), active bool);  #mysql


Required Arguments:

        table           => 'table_name',                #name of user table     

        primarykey      => 'field_name',                #name of primary key field on above table.

        template        => 'login.tmpl',                #name of template for logins

        salt            => 'asdf9234ml@#4234',          #unique identifying string for this application.  Passwords are stored as md5 hashes of $username.$passwd.$salt .

        userField       => 'username',                  #name of username field.  Defaults to 'username'

        passwdField     => 'password',                  #name of password field.  Defaults to 'password' needs to be varchar and at least 22 characters wide.

        activeField     => 'active',                    #name of field that flags a user as active.  Defaults to 'active'. Assumes '1' means active. 

Optional Arguments:

        extraFields     => {                            #any other fields you want to authenticate on.  If set, will authenticate on username, passwd, and every other field set here.

                webname         => fieldname,           #first value is the name of the web control, second is the name of the field in the db

                webname2        => fieldname2,




Call this in your cgi to check if an authenticated session is present. Returns 1 if session is valid, and authenticated. Returns 0 otherwise; If authentication fails, prints the login template.

passwdhash (username, password)

Takes username, password, and salt from config and generates hashed value for storage in the db.


The username


The cleartext password.

syntax highlighting: