=head2 Include Authentication and Session Plugins
-Edit C<lib/MyApp.pm> and update it as follows (everything below C<DefaultEnd> is new):
+Edit C<lib/MyApp.pm> and update it as follows (everything below C<StackTrace> is new):
use Catalyst qw/
-Debug
Static::Simple
StackTrace
- DefaultEnd
Authentication
Authentication::Store::DBIC
Then open C<lib/MyApp/Controller/Login.pm> and add:
- =head2 default
+ =head2 base
Login logic
=cut
- sub default : Private {
+ sub base :Path :Args(0) {
my ($self, $c) = @_;
# Get the username and password from form
C<password> values are not present in the form, the user will be taken
to the empty login form.
+We are using C<sub base :Path :Args(0) {...}> here to specifically match
+the URL C</login>. C<Path> actions (aka, "literal actions") create URI
+matches relative to the namespace of the controller where they are defined.
+Although C<Path> supports arguments that allow relative and absolute paths
+to be defined, here we use an empty C<Path> definition to match on just the
+name of the controller itself. The method name, C<base>, is arbitrary.
+We make the match even more specific with the C<:Args(0)> action modifier
+-- this forces the match on I<only> C</login>, not C</login/somethingelse>.
+
+Note that we could have used something like C<sub default :Private>;
+however, the use of C<default> actions is discouraged because it does
+not receive path args as with other actions. The recommended practice
+is to only use C<default> in C<MyApp::Controller::Root>.
+
Next, create a corresponding method in C<lib/MyApp/Controller/Logout.pm>:
- =head2 default
+ =head2 base
Logout logic
=cut
- sub default : Private {
+ sub base :Path :Args(0) {
my ($self, $c) = @_;
# Clear the user's state
$c->response->redirect($c->uri_for('/'));
}
+Note that we are using the same C<sub base :Path :Args(0) {...}> style
+of action as with the login logic.
+
=head2 Add a Login Form TT Template Page
e727d1464ae12436e899a726da5b2f11d8381b26
$
+B<Note:> You should probably modify this code for production use to
+not read the password from the command line. By having the script
+prompt for the cleartext password, it avoids having the password linger
+in forms such as your C<.bash_history> files (assuming you are using
+BASH as your shell). An example of such a script can be found in
+Appendix 3.
+
=head2 Switch to SHA-1 Password Hashes in the Database
Kennedy Clark, C<hkclark@gmail.com>
-Please report any errors, issues or suggestions to the author.
+Please report any errors, issues or suggestions to the author. The
+most recent version of the Catlayst Tutorial can be found at
+L<http://dev.catalyst.perl.org/repos/Catalyst/trunk/Catalyst-Runtime/lib/Catalyst/Manual/Tutorial/>.
Copyright 2006, Kennedy Clark, under Creative Commons License
(L<http://creativecommons.org/licenses/by-nc-sa/2.5/>).
projects / catagits/Catalyst-Runtime.git / blobdiff