Also check hex digests in Cred::Password

[catagits/Catalyst-Plugin-Authentication.git] / lib / Catalyst / Plugin / Authentication.pm

diff --git a/lib/Catalyst/Plugin/Authentication.pm b/lib/Catalyst/Plugin/Authentication.pm
index f0b34db..9c61bf8 100644 (file)
--- a/lib/Catalyst/Plugin/Authentication.pm
+++ b/lib/Catalyst/Plugin/Authentication.pm
@@ -5,7 +5,7 @@ package Catalyst::Plugin::Authentication;
 use base qw/Class::Accessor::Fast Class::Data::Inheritable/;
 
 BEGIN {
-    __PACKAGE__->mk_accessors(qw/user/);
+    __PACKAGE__->mk_accessors(qw/_user/);
     __PACKAGE__->mk_classdata($_) for qw/_auth_stores _auth_store_names/;
 }
 
@@ -21,6 +21,7 @@ sub set_authenticated {
     my ( $c, $user ) = @_;
 
     $c->user($user);
+    $c->request->{user} = $user;    # compatibility kludge
 
     if (    $c->isa("Catalyst::Plugin::Session")
         and $c->config->{authentication}{use_session}
@@ -30,8 +31,24 @@ sub set_authenticated {
     }
 }
 
+sub user {
+    my $c = shift;
+
+    if (@_) {
+        return $c->_user(@_);
+    }
+
+    my $user = $c->_user;
+
+    if ( $user and !Scalar::Util::blessed($user) ) {
+        return $c->auth_restore_user($user);
+    }
+
+    return $user;
+}
+
 sub save_user_in_session {
-       my ( $c, $user ) = @_;
+    my ( $c, $user ) = @_;
 
     my $store = $user->store || ref $user;
     $c->session->{__user_store} = $c->get_auth_store_name($store) || $store;
@@ -70,16 +87,27 @@ sub prepare {
         and $c->default_auth_store
         and !$c->user )
     {
-        if ( $c->sessionid and my $user_id = $c->session->{__user} ) {
-            my $store = $c->get_auth_store( $c->session->{__user_store} );
-            $c->user( $store->from_session( $c, $user_id ) );
-            $c->request->{user} = $c->user;    # compatibility kludge
+        if ( $c->sessionid and my $frozen_user = $c->session->{__user} ) {
+            $c->_user($frozen_user);
         }
     }
 
     return $c;
 }
 
+sub auth_restore_user {
+    my ( $c, $frozen_user, $store_name ) = @_;
+
+    $store_name  ||= $c->session->{__user_store};
+    $frozen_user ||= $c->session->{__user};
+
+    my $store = $c->get_auth_store($store_name);
+    $c->_user( my $user = $store->from_session( $c, $frozen_user ) );
+
+    return $user;
+
+}
+
 sub setup {
     my $c = shift;
 
@@ -204,6 +232,15 @@ authentication.
 This involves setting C<user> and the internal data in C<session> if
 L<Catalyst::Plugin::Session> is loaded.
 
+=item auth_restore_user $user
+
+Used to restore a user from the session, by C<user> only when it's actually
+needed.
+
+=item save_user_in_session $user
+
+Used to save the user in a session.
+
 =item prepare
 
 Revives a user from the session object if there is one.