[catagits/Catalyst-Authentication-Store-DBIx-Class.git] / lib / Catalyst / Plugin / Authentication / Store / DBIx / Class.pm

package Catalyst::Plugin::Authentication::Store::DBIx::Class;

use strict;
use warnings;
use base qw/Class::Accessor::Fast/;

our $VERSION= "0.02";

BEGIN {
    __PACKAGE__->mk_accessors(qw/config/);
}


sub new {
    my ( $class, $config, $app ) = @_;

    ## figure out if we are overriding the default store user class 
    $config->{'store_user_class'} = (exists($config->{'store_user_class'})) ? $config->{'store_user_class'} :
                                        "Catalyst::Plugin::Authentication::Store::DBIx::Class::User";

    ## make sure the store class is loaded.
    Catalyst::Utils::ensure_class_loaded( $config->{'store_user_class'} );
    
    ## fields can be specified to be ignored during user location.  This allows
    ## the store to ignore certain fields in the authinfo hash.
    
    $config->{'ignore_fields_in_find'} ||= [ ];

    my $self = {
                    config => $config
               };

    bless $self, $class;

}

## --jk note to self:
## let's use DBICs get_columns method to return a hash and save / restore that
## from the session.  Then we can respond to get() calls, etc. in most cases without
## resorting to a DB call.  If user_object is called, THEN we can hit the DB and
## return a real object.  
sub from_session {
    my ( $self, $c, $frozenuser ) = @_;

    return $frozenuser if ref $frozenuser;
    
    my $user = $self->config->{'store_user_class'}->new($self->{'config'}, $c);
    
    return $user->from_session($frozenuser, $c);
}

sub for_session {
    my ($self, $c, $user) = @_;
    
    return $user->for_session($c);
}

sub find_user {
    my ( $self, $authinfo, $c ) = @_;
    
    my $user = $self->config->{'store_user_class'}->new($self->{'config'}, $c);

    return $user->load($authinfo, $c);

}

sub user_supports {
    my $self = shift;
    # this can work as a class method on the user class
    $self->config->{'store_user_class'}->supports( @_ );
}

__PACKAGE__;

__END__

=head1 NAME

Catalyst::Plugin::Authentication::Store::DBIx::Class - A storage class for Catalyst Authentication using DBIx::Class

=head1 VERSION

This documentation refers to version 0.01.

=head1 SYNOPSIS

    use Catalyst qw/
                    Authentication
                    Authorization::Roles/;

    __PACKAGE__->config->{authentication} = 
                    {  
                        default_realm => 'members',
                        realms => {
                            members => {
                                credential => {
                                    class => 'Password',
                                    password_field => 'password',
                                    password_type => 'clear'
                                },
                                store => {
                                    class => 'DBIx::Class',
            	                    user_class => 'MyApp::Users',
            	                    id_field => 'user_id',
            	                    role_relation => 'roles',
            	                    role_field => 'rolename',	                
            	                }
                	        }
                    	}
                    };

    # Log a user in:
    
    sub login : Global {
        my ( $self, $c ) = @_;
        
        $c->authenticate({  
		                    username => $c->req->params->username,
		                    password => $c->req->params->password,
		                    status => [ 'registered', 'loggedin', 'active' ]
		                 }))
    }
    
    # verify a role 
    
    if ( $c->check_user_roles( 'editor' ) ) {
        # do editor stuff
    }
    
=head1 DESCRIPTION

The Catalyst::Plugin::Authentication::Store::DBIx::Class class provides 
access to authentication information stored in a database via DBIx::Class.

=head1 CONFIGURATION

The DBIx::Class authentication store is activated by setting the store
config's class element to DBIx::Class as shown above.  See the 
L<Catalyst::Plugin::Authentication> documentation for more details on 
configuring the store.

The DBIx::Class storage module has several configuration options

=over 4

    __PACKAGE__->config->{authentication} = 
                    {  
                        default_realm => 'members',
                        realms => {
                            members => {
                                credential => {
                                    # ...
                                },
                                store => {
                                    class => 'DBIx::Class',
            	                    user_class => 'MyApp::Users',
            	                    id_field => 'user_id',
            	                    role_relation => 'roles',
            	                    role_field => 'rolename',
            	                    ignore_fields_in_find => [ 'remote_name' ]          
            	                }
                	        }
                    	}
                    };

=item class

Class is part of the core Catalyst::Authentication::Plugin module, it
contains the class name of the store to be used.

=item user_class

Contains the class name (as passed to $c->model()) of the DBIx::Class schema
to use as the source for user information.  This config item is B<REQUIRED>.

=item id_field

Contains the field name containing the unique identifier for a user.  This is 
used when storing and retrieving a user from the session.  The value in this
field should correspond to a single user in the database.  Defaults to 'id'.

=item role_column

If your role information is stored in the same table as the rest of your user
information, this item tells the module which field contains your role
information.  The DBIx::Class authentication store expects the data in this
field to be a series of role names separated by some combination of spaces, 
commas or pipe characters.  

=item role_relation

If your role information is stored in a separate table, this is the name of
the relation that will lead to the roles the user is in.  If this is 
specified then a role_field is also required.  Also when using this method
it is expected that your role table will return one row for each role 
the user is in.

=item role_field

This is the name of the field in the role table that contains the string 
identifying the role.  

=item ignore_fields_in_find

This item is an array containing fields that may be passed to the 
find_user routine, but which should be ignored when creating the 
DBIx::Class search to retrieve a user.  This makes it possible to
avoid problems when a credential requires an authinfo element whose
name overlaps with a column name in your users table.  If this doesn't
make sense to you, you probably don't need it.

=item store_user_class

This allows you to override the authentication user class that the 
DBIx::Class store module uses to perform it's work.  Most of the
work done in this module is actually done by the user class, 
L<Catalyst::Plugin::Authentication::Store::DBIx::Class::User>, so
overriding this doesn't make much sense unless you are using your
own class to extend the functionality of the existing class.  
Chances are you do not want to set this.

=back

=head1 USAGE 

The L<Catalyst::Plugin::Authentication::Store::DBIx::Class> storage module
is not called directly from application code.  You interface with it 
through the $c->authenticate() call.  

... documentation fairy fell asleep here ...


=head1 METHODS

There are no publicly exported routines in the DBIx::Class authentication 
store (or indeed in most authentication stores)  However, below is a 
description of the routines required by L<Catalyst::Plugin::Authentication> 
for all authentication stores.  Please see the documentation for 
L<Catalyst::Plugin::Authentication::Internals> for more information.

=over 4

=item new ( $config, $app )

Constructs a new store object, which uses the user element of the supplied config 
hash ref as it's backing structure.

=item find_user ( $authinfo, $c ) 

Finds a user using the information provided in the $authinfo hashref and returns
the user, or undef on failure;  This translates directly to a call to 
L<Catalyst::Plugin::Authentication::Store::DBIx::Class::User>'s load() method.

=item for_session ( $c, $user )

Prepares a user to be stored in the session.  Currently returns the value of the
user's id field - (as indicated by the 'id_field' config element)

=item from_session ( $c, $frozenuser)

Revives a user from the session based on the info provided in $frozenuser.  
Currently treats $frozenuser as an id and retrieves a user with a matching id.

=item user_supports

Provides information about what the user object supports.  

=back 

=head1 NOTES

As of the current release, session storage consists of simply storing the user's
id in the session, and then using that same id to re-retrieve the users information
from the database upon restoration from the session.  More dynamic storage of
user information in the session is intended for a future release.

=head1 BUGS AND LIMITATIONS

None known currently, please email the author if you find any.

=head1 SEE ALSO

L<Catalyst::Plugin::Authentication>, L<Catalyst::Plugin::Authentication::Internals>,
and L<Catalyst::Plugin::Authorization::Roles>

=head1 AUTHOR

Jason Kuri (jayk@cpan.org)

=head1 LICENCE

Copyright (c) 2005 the aforementioned authors. All rights
reserved. This program is free software; you can redistribute
it and/or modify it under the same terms as Perl itself.

=cut
Commit	Line	Data
ff7203cb	1	package Catalyst::Plugin::Authentication::Store::DBIx::Class;
5000f545	2
	3	use strict;
	4	use warnings;
	5	use base qw/Class::Accessor::Fast/;
	6
b33ee900	7	our $VERSION= "0.02";
	8
	9	BEGIN {
	10	__PACKAGE__->mk_accessors(qw/config/);
	11	}
	12
	13
5000f545	14	sub new {
	15	my ( $class, $config, $app ) = @_;
	16
b33ee900	17	## figure out if we are overriding the default store user class
	18	$config->{'store_user_class'} = (exists($config->{'store_user_class'})) ? $config->{'store_user_class'} :
	19	"Catalyst::Plugin::Authentication::Store::DBIx::Class::User";
	20
5000f545	21	## make sure the store class is loaded.
b33ee900	22	Catalyst::Utils::ensure_class_loaded( $config->{'store_user_class'} );
5000f545	23
b33ee900	24	## fields can be specified to be ignored during user location. This allows
ff7203cb	25	## the store to ignore certain fields in the authinfo hash.
5000f545	26
b33ee900	27	$config->{'ignore_fields_in_find'} \|\|= [ ];
	28
	29	my $self = {
	30	config => $config
	31	};
5000f545	32
5000f545	33	bless $self, $class;
b33ee900	34
5000f545	35	}
5000f545	36
ba48c9c3	37	## --jk note to self:
	38	## let's use DBICs get_columns method to return a hash and save / restore that
	39	## from the session. Then we can respond to get() calls, etc. in most cases without
	40	## resorting to a DB call. If user_object is called, THEN we can hit the DB and
	41	## return a real object.
5000f545	42	sub from_session {
	43	my ( $self, $c, $frozenuser ) = @_;
	44
	45	return $frozenuser if ref $frozenuser;
b33ee900	46
	47	my $user = $self->config->{'store_user_class'}->new($self->{'config'}, $c);
	48
	49	return $user->from_session($frozenuser, $c);
5000f545	50	}
	51
	52	sub for_session {
	53	my ($self, $c, $user) = @_;
	54
	55	return $user->for_session($c);
	56	}
	57
	58	sub find_user {
	59	my ( $self, $authinfo, $c ) = @_;
	60
b33ee900	61	my $user = $self->config->{'store_user_class'}->new($self->{'config'}, $c);
5000f545	62
b33ee900	63	return $user->load($authinfo, $c);
	64
	65	}
5000f545	66
5000f545	67	sub user_supports {
b33ee900	68	my $self = shift;
	69	# this can work as a class method on the user class
	70	$self->config->{'store_user_class'}->supports( @_ );
5000f545	71	}
	72
	73	__PACKAGE__;
	74
	75	__END__
	76
	77	=head1 NAME
	78
edb40fe0	79	Catalyst::Plugin::Authentication::Store::DBIx::Class - A storage class for Catalyst Authentication using DBIx::Class
5000f545	80
	81	=head1 VERSION
	82
	83	This documentation refers to version 0.01.
	84
	85	=head1 SYNOPSIS
	86
93102ff5	87	use Catalyst qw/
	88	Authentication
	89	Authorization::Roles/;
	90
	91	__PACKAGE__->config->{authentication} =
	92	{
	93	default_realm => 'members',
	94	realms => {
	95	members => {
	96	credential => {
	97	class => 'Password',
	98	password_field => 'password',
	99	password_type => 'clear'
	100	},
	101	store => {
	102	class => 'DBIx::Class',
	103	user_class => 'MyApp::Users',
	104	id_field => 'user_id',
	105	role_relation => 'roles',
	106	role_field => 'rolename',
	107	}
	108	}
	109	}
	110	};
	111
	112	# Log a user in:
	113
	114	sub login : Global {
	115	my ( $self, $c ) = @_;
	116
	117	$c->authenticate({
	118	username => $c->req->params->username,
	119	password => $c->req->params->password,
	120	status => [ 'registered', 'loggedin', 'active' ]
	121	}))
	122	}
	123
	124	# verify a role
	125
	126	if ( $c->check_user_roles( 'editor' ) ) {
	127	# do editor stuff
	128	}
	129
5000f545	130	=head1 DESCRIPTION
5000f545	131
93102ff5	132	The Catalyst::Plugin::Authentication::Store::DBIx::Class class provides
	133	access to authentication information stored in a database via DBIx::Class.
	134
	135	=head1 CONFIGURATION
	136
	137	The DBIx::Class authentication store is activated by setting the store
	138	config's class element to DBIx::Class as shown above. See the
	139	L<Catalyst::Plugin::Authentication> documentation for more details on
	140	configuring the store.
	141
	142	The DBIx::Class storage module has several configuration options
	143
	144	=over 4
	145
	146	__PACKAGE__->config->{authentication} =
	147	{
	148	default_realm => 'members',
	149	realms => {
	150	members => {
	151	credential => {
	152	# ...
	153	},
	154	store => {
	155	class => 'DBIx::Class',
	156	user_class => 'MyApp::Users',
	157	id_field => 'user_id',
	158	role_relation => 'roles',
	159	role_field => 'rolename',
	160	ignore_fields_in_find => [ 'remote_name' ]
	161	}
	162	}
	163	}
	164	};
	165
	166	=item class
	167
	168	Class is part of the core Catalyst::Authentication::Plugin module, it
	169	contains the class name of the store to be used.
	170
	171	=item user_class
5000f545	172
93102ff5	173	Contains the class name (as passed to $c->model()) of the DBIx::Class schema
93102ff5	174	to use as the source for user information. This config item is B<REQUIRED>.
5000f545	175
93102ff5	176	=item id_field
5000f545	177
93102ff5	178	Contains the field name containing the unique identifier for a user. This is
	179	used when storing and retrieving a user from the session. The value in this
	180	field should correspond to a single user in the database. Defaults to 'id'.
5000f545	181
93102ff5	182	=item role_column
5000f545	183
93102ff5	184	If your role information is stored in the same table as the rest of your user
	185	information, this item tells the module which field contains your role
	186	information. The DBIx::Class authentication store expects the data in this
	187	field to be a series of role names separated by some combination of spaces,
	188	commas or pipe characters.
5000f545	189
93102ff5	190	=item role_relation
5000f545	191
93102ff5	192	If your role information is stored in a separate table, this is the name of
	193	the relation that will lead to the roles the user is in. If this is
	194	specified then a role_field is also required. Also when using this method
	195	it is expected that your role table will return one row for each role
	196	the user is in.
5000f545	197
93102ff5	198	=item role_field
5000f545	199
93102ff5	200	This is the name of the field in the role table that contains the string
93102ff5	201	identifying the role.
5000f545	202
93102ff5	203	=item ignore_fields_in_find
5000f545	204
93102ff5	205	This item is an array containing fields that may be passed to the
	206	find_user routine, but which should be ignored when creating the
	207	DBIx::Class search to retrieve a user. This makes it possible to
	208	avoid problems when a credential requires an authinfo element whose
	209	name overlaps with a column name in your users table. If this doesn't
	210	make sense to you, you probably don't need it.
5000f545	211
93102ff5	212	=item store_user_class
5000f545	213
93102ff5	214	This allows you to override the authentication user class that the
	215	DBIx::Class store module uses to perform it's work. Most of the
	216	work done in this module is actually done by the user class,
	217	L<Catalyst::Plugin::Authentication::Store::DBIx::Class::User>, so
	218	overriding this doesn't make much sense unless you are using your
	219	own class to extend the functionality of the existing class.
	220	Chances are you do not want to set this.
5000f545	221
93102ff5	222	=back
5000f545	223
93102ff5	224	=head1 USAGE
5000f545	225
93102ff5	226	The L<Catalyst::Plugin::Authentication::Store::DBIx::Class> storage module
	227	is not called directly from application code. You interface with it
	228	through the $c->authenticate() call.
5000f545	229
93102ff5	230	... documentation fairy fell asleep here ...
5000f545	231
5000f545	232
93102ff5	233	=head1 METHODS
5000f545	234
93102ff5	235	There are no publicly exported routines in the DBIx::Class authentication
	236	store (or indeed in most authentication stores) However, below is a
	237	description of the routines required by L<Catalyst::Plugin::Authentication>
	238	for all authentication stores. Please see the documentation for
	239	L<Catalyst::Plugin::Authentication::Internals> for more information.
	240
	241	=over 4
	242
	243	=item new ( $config, $app )
	244
	245	Constructs a new store object, which uses the user element of the supplied config
	246	hash ref as it's backing structure.
	247
	248	=item find_user ( $authinfo, $c )
	249
	250	Finds a user using the information provided in the $authinfo hashref and returns
	251	the user, or undef on failure; This translates directly to a call to
	252	L<Catalyst::Plugin::Authentication::Store::DBIx::Class::User>'s load() method.
	253
	254	=item for_session ( $c, $user )
	255
	256	Prepares a user to be stored in the session. Currently returns the value of the
	257	user's id field - (as indicated by the 'id_field' config element)
	258
	259	=item from_session ( $c, $frozenuser)
	260
	261	Revives a user from the session based on the info provided in $frozenuser.
	262	Currently treats $frozenuser as an id and retrieves a user with a matching id.
	263
	264	=item user_supports
	265
	266	Provides information about what the user object supports.
	267
	268	=back
5000f545	269
	270	=head1 NOTES
	271
93102ff5	272	As of the current release, session storage consists of simply storing the user's
	273	id in the session, and then using that same id to re-retrieve the users information
	274	from the database upon restoration from the session. More dynamic storage of
	275	user information in the session is intended for a future release.
5000f545	276
	277	=head1 BUGS AND LIMITATIONS
	278
	279	None known currently, please email the author if you find any.
	280
	281	=head1 SEE ALSO
	282
93102ff5	283	L<Catalyst::Plugin::Authentication>, L<Catalyst::Plugin::Authentication::Internals>,
93102ff5	284	and L<Catalyst::Plugin::Authorization::Roles>
5000f545	285
	286	=head1 AUTHOR
	287
b33ee900	288	Jason Kuri (jayk@cpan.org)
5000f545	289
	290	=head1 LICENCE
	291
93102ff5	292	Copyright (c) 2005 the aforementioned authors. All rights
	293	reserved. This program is free software; you can redistribute
	294	it and/or modify it under the same terms as Perl itself.
5000f545	295
5000f545	296	=cut