[scpubgit/stemmaweb.git] / lib / stemmaweb / Controller / Users.pm

package stemmaweb::Controller::Users;
use Moose;
use namespace::autoclean;

use Google::JWT;

use JSON::MaybeXS;
use JSON::WebToken;

use MIME::Base64;

BEGIN {extends 'CatalystX::Controller::Auth'; }
with 'Catalyst::TraitFor::Controller::reCAPTCHA';

=head1 NAME

stemmaweb::Controller::Users - Catalyst Controller

=head1 DESCRIPTION

The Users controller is based on L<CatalystX::Controller::Auth>, see
there for most of the functionality. Any localised parts are described
below.

This controller uses L<Catalyst::TraitFor::Controller::reCAPTCHA> to
create and check a reCaptcha form shown on the C<register> form to
help prevent spam signups.

=head1 METHODS

=cut

sub base :Chained('/') :PathPart('') :CaptureArgs(0)
{
        my ( $self, $c ) = @_;

        $self->next::method( $c );
}

=head2 index

The index action is not currently used.

=cut

sub index :Path :Args(0) {
    my ( $self, $c ) = @_;

    $c->response->body('Matched stemmaweb::Controller::Users in Users.');
}

=head2 login with openid

Logging in with openid/google requires two passes through the login
action, on the 2nd pass the C<openid-check> value is passed in when
the openid providing webserver links the user back to the stemmaweb
site. This adaptation to the C<login> action sets the realm we are
authenticating against to be C<openid> in this case.

=cut

before login => sub {
  my($self, $c) = @_;
  $c->req->param( realm => 'openid')
    if $c->req->param('openid-check');

  if ($c->req->params->{email} && $c->req->params->{id_token}) {
    $c->req->param( realm => 'google');
  }

  $c->stash->{google_client_id} = $c->config->{'Authentication::Credential::Google'}->{client_id};
};

=head2 register with recaptcha

This adapts the C<register> action to add the recaptcha HTML to the
page, and verify the recaptcha info entered is correct when the form
is submitted. If the recaptcha is not correct, we just redisplay the
form with an error message.

=cut

before register => sub {
    my ($self, $c) = @_;

    ## Puts HTML into stash in "recaptcha" key.
    if (!$c->config->{'Registration'}->{'no_recaptcha'}) {
        $c->forward('captcha_get');
    }

    ## When submitting, check recaptcha passes, else re-draw form
    if($c->req->method eq 'POST') {
        if ( !$c->config->{'Registration'}->{'no_recaptcha'} && !$c->forward('captcha_check') ) {
            ## Need these two lines to detach, so end can draw the correct template again:
            my $form = $self->form_handler->new( active => [ $self->login_id_field, 'password', 'confirm_password' ] );
            $c->stash( template => $self->register_template, form => $form );

            $c->detach();
        }
    }
};

=head2 success

A stub page returned on login / registration success.

=cut

sub success :Local :Args(0) {
    my ( $self, $c ) = @_;

	$c->load_status_msgs;
    $c->stash->{template} = 'auth/success.tt';
}

=head2 post_logout

Return to the index page, not to the login page.

=cut

sub post_logout {
	my( $self, $c ) = @_;
	$c->response->redirect( $c->uri_for_action( '/index' ) );
	$c->detach;
}

=head1 AUTHOR

A clever guy

=head1 LICENSE

This library is free software. You can redistribute it and/or modify
it under the same terms as Perl itself.

=cut

__PACKAGE__->meta->make_immutable;

1;
Commit	Line	Data
19262e3d	1	package stemmaweb::Controller::Users;
	2	use Moose;
	3	use namespace::autoclean;
	4
85990daf	5	use Google::JWT;
	6
	7	use JSON::MaybeXS;
	8	use JSON::WebToken;
	9
	10	use MIME::Base64;
	11
19262e3d	12	BEGIN {extends 'CatalystX::Controller::Auth'; }
b74843e5	13	with 'Catalyst::TraitFor::Controller::reCAPTCHA';
19262e3d	14
	15	=head1 NAME
	16
	17	stemmaweb::Controller::Users - Catalyst Controller
	18
	19	=head1 DESCRIPTION
	20
b74843e5	21	The Users controller is based on L<CatalystX::Controller::Auth>, see
	22	there for most of the functionality. Any localised parts are described
	23	below.
	24
	25	This controller uses L<Catalyst::TraitFor::Controller::reCAPTCHA> to
	26	create and check a reCaptcha form shown on the C<register> form to
	27	help prevent spam signups.
19262e3d	28
	29	=head1 METHODS
	30
	31	=cut
	32
	33	sub base :Chained('/') :PathPart('') :CaptureArgs(0)
	34	{
	35	my ( $self, $c ) = @_;
1628e97a	36
19262e3d	37	$self->next::method( $c );
	38	}
	39
	40	=head2 index
	41
b74843e5	42	The index action is not currently used.
b74843e5	43
19262e3d	44	=cut
	45
	46	sub index :Path :Args(0) {
	47	my ( $self, $c ) = @_;
	48
	49	$c->response->body('Matched stemmaweb::Controller::Users in Users.');
	50	}
	51
b74843e5	52	=head2 login with openid
	53
	54	Logging in with openid/google requires two passes through the login
	55	action, on the 2nd pass the C<openid-check> value is passed in when
	56	the openid providing webserver links the user back to the stemmaweb
eb38afbc	57	site. This adaptation to the C<login> action sets the realm we are
b74843e5	58	authenticating against to be C<openid> in this case.
	59
	60	=cut
	61
b600c671	62	before login => sub {
	63	my($self, $c) = @_;
	64	$c->req->param( realm => 'openid')
	65	if $c->req->param('openid-check');
83ed6665	66
	67	if ($c->req->params->{email} && $c->req->params->{id_token}) {
	68	$c->req->param( realm => 'google');
	69	}
740a6e04	70
740a6e04	71	$c->stash->{google_client_id} = $c->config->{'Authentication::Credential::Google'}->{client_id};
b600c671	72	};
19262e3d	73
b74843e5	74	=head2 register with recaptcha
	75
	76	This adapts the C<register> action to add the recaptcha HTML to the
	77	page, and verify the recaptcha info entered is correct when the form
	78	is submitted. If the recaptcha is not correct, we just redisplay the
	79	form with an error message.
	80
	81	=cut
	82
	83	before register => sub {
	84	my ($self, $c) = @_;
	85
	86	## Puts HTML into stash in "recaptcha" key.
32d1fbf8	87	if (!$c->config->{'Registration'}->{'no_recaptcha'}) {
	88	$c->forward('captcha_get');
	89	}
b74843e5	90
	91	## When submitting, check recaptcha passes, else re-draw form
	92	if($c->req->method eq 'POST') {
32d1fbf8	93	if ( !$c->config->{'Registration'}->{'no_recaptcha'} && !$c->forward('captcha_check') ) {
b74843e5	94	## Need these two lines to detach, so end can draw the correct template again:
	95	my $form = $self->form_handler->new( active => [ $self->login_id_field, 'password', 'confirm_password' ] );
	96	$c->stash( template => $self->register_template, form => $form );
	97
	98	$c->detach();
	99	}
	100	}
	101	};
	102
eb38afbc	103	=head2 success
	104
	105	A stub page returned on login / registration success.
	106
	107	=cut
	108
	109	sub success :Local :Args(0) {
	110	my ( $self, $c ) = @_;
	111
	112	$c->load_status_msgs;
	113	$c->stash->{template} = 'auth/success.tt';
	114	}
	115
	116	=head2 post_logout
	117
	118	Return to the index page, not to the login page.
	119
	120	=cut
	121
	122	sub post_logout {
	123	my( $self, $c ) = @_;
	124	$c->response->redirect( $c->uri_for_action( '/index' ) );
	125	$c->detach;
	126	}
	127
19262e3d	128	=head1 AUTHOR
	129
	130	A clever guy
	131
	132	=head1 LICENSE
	133
	134	This library is free software. You can redistribute it and/or modify
	135	it under the same terms as Perl itself.
	136
	137	=cut
	138
	139	__PACKAGE__->meta->make_immutable;
	140
	141	1;