3 package Catalyst::Plugin::Authentication::Credential::HTTP;
4 use base qw/Catalyst::Plugin::Authentication::Credential::Password/;
13 our $VERSION = "0.01";
15 sub authenticate_http {
18 my $headers = $c->req->headers;
20 if ( my ( $user, $password ) = $headers->authorization_basic ) {
22 if ( my $store = $c->config->{authentication}{http}{store} ) {
23 $user = $store->get_user($user);
26 return $c->login( $user, $password );
30 sub authorization_required {
31 my ( $c, %opts ) = @_;
33 return 1 if $c->authenticate_http;
35 $c->authorization_required_response( %opts );
37 die $Catalyst::DETACH;
40 sub authorization_required_response {
41 my ( $c, %opts ) = @_;
47 if ( my $realm = $opts{realm} ) {
48 push @opts, sprintf 'realm=%s', String::Escape::qprintable($realm);
51 if ( my $domain = $opts{domain} ) {
52 Catalyst::Excpetion->throw("domain must be an array reference")
53 unless ref($domain) && ref($domain) eq "ARRAY";
56 $c->config->{authentication}{http}{use_uri_for}
57 ? ( map { $c->uri_for($_) } @$domain )
58 : ( map { URI::Escape::uri_escape($_) } @$domain );
60 push @opts, qq{domain="@uris"};
63 $c->res->headers->www_authenticate(join " ", "Basic", @opts);
74 Catalyst::Plugin::Authentication::Credential::HTTP - HTTP Basic authentication
81 Authentication::Store::Moose
82 Authentication::Credential::HTTP
86 my ( $self, $c ) = @_;
88 $c->authorization_requried( realm => "foo" ); # named after the status code ;-)
90 # either user gets authenticated or 401 is sent
96 __PACKAGE__->deny_access_unless("/path", sub { $_[0]->authenticate_http });
99 my ( $self, $c ) = @_;
101 $c->authorization_required_response( realm => "foo" );
107 This moduule lets you use HTTP authentication with
108 L<Catalyst::Plugin::Authentication>.
110 Currently this module only supports the Basic scheme, but upon request Digest
111 will also be added. Patches welcome!
117 =item authorization_required
119 Tries to C<authenticate_http>, and if that files calls
120 C<authorization_required_response> and detaches the current action call stack.
122 =item authenticate_http
124 Looks inside C<< $c->request->headers >> and processes the basic (badly named)
125 authorization header.
127 =item authorization_required_response
129 Sets C<< $c->response >> to the correct status code, and adds the correct
130 header to demand authentication data from the user agent.