X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FManual%2FCookbook.pod;h=07e979414a4496309a8210550d5a4adbb23332f8;hb=822fe9544767709e6d75eda2b0cbcfb46bb494dd;hp=9f8b0eb39831b682691f367eafa629686e1ff8e1;hpb=1df125c95d52bba7c3e2f5d01337c98e50172a7b;p=catagits%2FCatalyst-Runtime.git diff --git a/lib/Catalyst/Manual/Cookbook.pod b/lib/Catalyst/Manual/Cookbook.pod index 9f8b0eb..07e9794 100644 --- a/lib/Catalyst/Manual/Cookbook.pod +++ b/lib/Catalyst/Manual/Cookbook.pod @@ -11,14 +11,24 @@ Yummy code like your mum used to bake! =head2 Force debug screen You can force Catalyst to display the debug screen at the end of the request by -placing a die() call in the _end action. +placing a C call in the C action. + + sub end : Private { + my ( $self, $c ) = @_; + die "forced debug"; + } + +If you're tired of removing and adding this all the time, you can add a +condition in the C action. For example: + + sub end : Private { + my ( $self, $c ) = @_; + die "forced debug" if $c->req->params->{dump_info}; + } + +Then just add to your query string C<"&dump_info=1">, or the like, to +force debug output. - __PACKAGE__->action( - '!end' => sub { - my ( $self, $c ) = @_; - die "testing"; - } - ); =head2 Disable statistics @@ -30,7 +40,7 @@ statistics in your debug messages. =head2 Scaffolding Scaffolding is very simple with Catalyst. -Just use Catalyst::Model::CDBI::CRUD as baseclass. +Just use Catalyst::Model::CDBI::CRUD as your base class. # lib/MyApp/Model/CDBI.pm package MyApp::Model::CDBI; @@ -55,45 +65,24 @@ Just use Catalyst::Model::CDBI::CRUD as baseclass. root => '/home/joeuser/myapp/root' ); - __PACKAGE__->action( - 'table' => sub { - my ( $self, $c ) = @_; - $c->form( optional => [ MyApp::Model::CDBI::Table->columns ] ); - $c->forward('MyApp::Model::CDBI::Table'); - } - ); + sub my_table : Global { + my ( $self, $c ) = @_; + $c->form( optional => [ MyApp::Model::CDBI::Table->columns ] ); + $c->forward('MyApp::Model::CDBI::Table'); + } 1; -Modify the $c->form() parameters to match your needs, and don't forget to copy -the templates. ;) +Modify the C<$c-Eform()> parameters to match your needs, and don't +forget to copy the templates into the template root. Can't find the +templates? They were in the CRUD model distribution, so you can do +B from the CPAN shell to find them. -==head2 Serving static files and CSS as text/css +Other Scaffolding modules are in development at the time of writing. -If you want to serve static content (like images, txt or CSS) via Catalyst, -then all you need is the plugin Catalyst::Plugin::Static as well as a small -regex to set the MIME type for CSS to text/css. +=head2 File uploads - # lib/MyApp.pm - package MyApp; - - use strict; - use Catalyst qw/-Debug Static/; - - __PACKAGE__->action( - - '!default' => sub { - my ( $self, $c ) = @_; - $c->serve_static; - }, - - '/^.*\.css$/' => sub { - my ( $self, $c ) = @_; - $c->serve_static('text/css'); - }, - ); - -==head2 Uploads with Catalyst +=head3 Single file upload with Catalyst To implement uploads in Catalyst you need to have a HTML form similiar to this: @@ -104,42 +93,513 @@ this: -It's very important not to forget enctype="multipart/form-data" in form, -if it's not there, uploads just don't work. +It's very important not to forget C in +the form. Catalyst Controller module 'upload' action: - MyApp->action( - - 'upload' => sub { - my ($self, $c) = @_; - if ($c->req->parameters->{form_submit} eq 'yes') { - my $filename = $c->req->parameters->{my_file}; - if ($filename) { - my $fh = $c->req->uploads->{$filename}->{fh}; - open(NEW_FILE, ">/tmp/$filename") or die - "Can't open file for writing: $!"; - while ($fh->read(my $buf, 32768)) { - print NEW_FILE $buf; - } - close(NEW_FILE); + sub upload : Global { + my ($self, $c) = @_; + + if ( $c->request->parameters->{form_submit} eq 'yes' ) { + + if ( my $upload = $c->request->upload('my_file') ) { + + my $filename = $upload->filename; + my $target = "/tmp/upload/$filename"; + + unless ( $upload->link_to($target) || $upload->copy_to($target) ) { + die( "Failed to copy '$filename' to '$target': $!" ); } } - $c->stash->{template} = 'upload_form.tt'; - $c->forward('MyApp::V::View'); - }, - ); + } + + $c->stash->{template} = 'file_upload.html'; + } + +=head3 Multiple file upload with Catalyst + +Code for uploading multiple files from one form needs a few changes: -If you want to upload bigger files than 1MB, then just add to your Controller -module: +The form should have this basic structure: - $CGI::Simple::POST_MAX = 1048576000; +
+ +
+
+
+ +
+ +And in the controller: + + sub upload : Local { + my ($self, $c) = @_; + + if ( $c->request->parameters->{form_submit} eq 'yes' ) { + + for my $field ( $c->req->upload ) { + + my $upload = $c->req->upload($field); + my $filename = $upload->filename; + my $target = "/tmp/upload/$filename"; + + unless ( $upload->link_to($target) || $upload->copy_to($target) ) { + die( "Failed to copy '$filename' to '$target': $!" ); + } + } + } + + $c->stash->{template} = 'file_upload.html'; + } + +Creq->upload)> loops automatically over all file +input fields and gets input names. After that is basic file saving code, +just like in single file upload. + +Notice: Cing might not be what you want to do, when an error +occurs, but it works as an example. A better idea would be to store +error C<$!> in $c->stash->{error} and show a custom error template +displaying this message. + +For more information about uploads and usable methods look at +L and L. + +=head2 Authentication with Catalyst::Plugin::Authentication::CDBI + +There are (at least) two ways to implement authentication with this plugin: +1) only checking username and password; +2) checking username, password, and the roles the user has + +For both variants you'll need the following code in your MyApp package: + + use Catalyst qw/Session::FastMmap Static Authentication::CDBI/; + + MyApp->config( authentication => { user_class => 'MyApp::M::MyApp::Users', + user_field => 'email', + password_field => 'password' }); + +'user_class' is a Class::DBI class for your users table. +'user_field' tells which field is used for username lookup (might be +email, first name, surname etc.). +'password_field' is, well, password field in your table and by default +password is stored in plain text. Authentication::CDBI looks for 'user' +and 'password' fields in table, if they're not defined in the config. + +In PostgreSQL, the users table might be something like: + + CREATE TABLE users ( + user_id serial, + name varchar(100), + surname varchar(100), + password varchar(100), + email varchar(100), + primary key(user_id) + ); + +We'll discuss the first variant for now: +1. user:password login/auth without roles + +To log in a user you might use an action like this: + + sub login : Local { + my ($self, $c) = @_; + if ($c->req->params->{username}) { + $c->session_login($c->req->params->{username}, + $c->req->params->{password} ); + if ($c->req->{user}) { + $c->forward('?restricted_area'); + } + } + } + +This action should not go in your MyApp class...if it does, it will +conflict with the built-in method of the same name. Instead, put it +in a Controller class. + +$c->req->params->{username} and $c->req->params->{password} are html +form parameters from a login form. If login succeeds, then +$c->req->{user} contains the username of the authenticated user. + +If you want to remember the user's login status in between further +requests, then just use the C<$c-Esession_login> method. Catalyst will +create a session id and session cookie and automatically append session +id to all urls. So all you have to do is just check $c->req->{user} +where needed. + +To log out a user, just call $c->session_logout. + +Now let's take a look at the second variant: +2. user:password login/auth with roles + +To use roles you need to add the following parameters to MyApp->config in the 'authentication' section: + + role_class => 'MyApp::M::MyApp::Roles', + user_role_class => 'MyApp::M::MyApp::UserRoles', + user_role_user_field => 'user_id', + user_role_role_field => 'role_id', + +Corresponding tables in PostgreSQL could look like this: + + CREATE TABLE roles ( + role_id serial, + name varchar(100), + primary key(role_id) + ); + + CREATE TABLE user_roles ( + user_role_id serial, + user_id int, + role_id int, + primary key(user_role_id), + foreign key(user_id) references users(user_id), + foreign key(role_id) references roles(role_id) + ); + +The 'roles' table is a list of role names and the 'user_role' table is +used for the user -> role lookup. + +Now if a logged-in user wants to see a location which is allowed only +for people with an 'admin' role, in your controller you can check it +with: + + sub add : Local { + my ($self, $c) = @_; + if ($c->roles(qw/admin/)) { + $c->req->output("Your account has the role 'admin.'"); + } else { + $c->req->output("You're not allowed to be here."); + } + } + +One thing you might need is to forward non-authenticated users to a login +form if they try to access restricted areas. If you want to do this +controller-wide (if you have one controller for your admin section) then it's +best to add a user check to a '!begin' action: + + sub begin : Private { + my ($self, $c) = @_; + unless ($c->req->{user}) { + $c->req->action(undef); ## notice this!! + $c->forward('?login'); + } + } + +Pay attention to $c->req->action(undef). This is needed because of the +way $c->forward works - C to C gets called, but after that +Catalyst will still execute the action defined in the URI (e.g. if you +tried to go to C, then first 'begin' will forward to 'login', but after +that 'add' will nonetheless be executed). So $c->req->action(undef) undefines any +actions that were to be called and forwards the user where we want him/her +to be. + +And this is all you need to do. + +=head2 Pass-through login (and other actions) + +An easy way of having assorted actions that occur during the processing +of a request that are orthogonal to its actual purpose - logins, silent +commands etc. Provide actions for these, but when they're required for +something else fill e.g. a form variable __login and have a sub begin +like so: + + sub begin : Private { + my ($self, $c) = @_; + foreach my $action (qw/login docommand foo bar whatever/) { + if ($c->req->params->{"__${action}"}) { + $c->forward($action); + } + } + } + +=head2 How to use Catalyst without mod_perl + +Catalyst applications give optimum performance when run under mod_perl. +However sometimes mod_perl is not an option, and running under CGI is +just too slow. There's also an alternative to mod_perl that gives +reasonable performance named FastCGI. + +=head3 Using FastCGI + +To quote from L: "FastCGI is a language +independent, scalable, extension to CGI that provides high performance +without the limitations of specific server APIs." Web server support +is provided for Apache in the form of C and there is Perl +support in the C module. To convert a CGI Catalyst application +to FastCGI one needs to initialize an C object and loop +while the C method returns zero. The following code shows how +it is done - and it also works as a normal, single-shot CGI script. + + #!/usr/bin/perl + use strict; + use FCGI; + use MyApp; + + my $request = FCGI::Request(); + while ($request->Accept() >= 0) { + MyApp->run; + } + +Any initialization code should be included outside the request-accept +loop. + +There is one little complication, which is that Crun> outputs a +complete HTTP response including the status line (e.g.: +"C"). +FastCGI just wants a set of headers, so the sample code captures the +output and drops the first line if it is an HTTP status line (note: +this may change). + +The Apache C module is provided by a number of Linux +distros and is straightforward to compile for most Unix-like systems. +The module provides a FastCGI Process Manager, which manages FastCGI +scripts. You configure your script as a FastCGI script with the +following Apache configuration directives: + + + AddHandler fastcgi-script fcgi + + +or: + + + SetHandler fastcgi-script + Action fastcgi-script /path/to/fcgi-bin/fcgi-script + + +C provides a number of options for controlling the FastCGI +scripts spawned; it also allows scripts to be run to handle the +authentication, authorization, and access check phases. + +For more information see the FastCGI documentation, the C module +and L. + +=head2 Serving static content + +Serving static content in Catalyst can be somewhat tricky; this recipe +shows one possible solution. Using this recipe will serve all static +content through Catalyst when developing with the built-in HTTP::Daemon +server, and will make it easy to use Apache to serve the content when +your app goes into production. + +Static content is best served from a single directory within your root +directory. Having many different directories such as C and +C requires more code to manage, because you must separately +identify each static directory--if you decide to add a C +directory, you'll need to change your code to account for it. In +contrast, keeping all static directories as subdirectories of a main +C directory makes things much easier to manager. Here's an +example of a typical root directory structure: + + root/ + root/content.tt + root/controller/stuff.tt + root/header.tt + root/static/ + root/static/css/main.css + root/static/images/logo.jpg + root/static/js/code.js + + +All static content lives under C with everything else being +Template Toolkit files. Now you can identify the static content by +matching C from within Catalyst. + +=head3 Serving with HTTP::Daemon (myapp_server.pl) + +To serve these files under the standalone server, we first must load the +Static plugin. Install L if it's not already +installed. + +In your main application class (MyApp.pm), load the plugin: + + use Catalyst qw/-Debug FormValidator Static OtherPlugin/; + +You will also need to make sure your end method does I forward +static content to the view, perhaps like this: + + sub end : Private { + my ( $self, $c ) = @_; + + $c->forward( 'MyApp::V::TT' ) + unless ( $c->res->body || !$c->stash->{template} ); + } + +This code will only forward to the view if a template has been +previously defined by a controller and if there is not already data in +C<$c-Eres-Ebody>. + +Next, create a controller to handle requests for the /static path. Use +the Helper to save time. This command will create a stub controller as +C. + + $ script/myapp_create.pl controller Static + +Edit the file and add the following methods: + + # serve all files under /static as static files + sub default : Path('/static') { + my ( $self, $c ) = @_; + + # Optional, allow the browser to cache the content + $c->res->headers->header( 'Cache-Control' => 'max-age=86400' ); + + $c->serve_static; # from Catalyst::Plugin::Static + } + + # also handle requests for /favicon.ico + sub favicon : Path('/favicon.ico') { + my ( $self, $c ) = @_; + + $c->serve_static; + } + +You can also define a different icon for the browser to use instead of +favicon.ico by using this in your HTML header: + + + +=head3 Common problems + +The Static plugin makes use of the C package to +automatically determine MIME types. This package is notoriously +difficult to install, especially on win32 and OSX. For OSX the easiest +path might be to install Fink, then use C. Restart the server, and everything should be fine. + +Make sure you are using the latest version (>= 0.16) for best +results. If you are having errors serving CSS files, or if they get +served as text/plain instead of text/css, you may have an outdated +shared-mime-info version. You may also wish to simply use the following +code in your Static controller: + + if ($c->req->path =~ /css$/i) { + $c->serve_static( "text/css" ); + } else { + $c->serve_static; + } + +=head3 Serving with Apache + +When using Apache, you can completely bypass Catalyst and the Static +controller by intercepting requests for the C path at the +server level. All that is required is to define a DocumentRoot and add a +separate Location block for your static content. Here is a complete +config for this application under mod_perl 1.x; variations, some of +which could be simpler, are left as an exercise for the reader: + + + use lib qw(/var/www/MyApp/lib); + + PerlModule MyApp + + + ServerName myapp.example.com + DocumentRoot /var/www/MyApp/root + + SetHandler perl-script + PerlHandler MyApp + + + SetHandler default-handler + + + +=head2 Forwarding with arguments + +Sometimes you want to pass along arguments when forwarding to another +action. As of version 5.30, arguments can be passed in the call to +C; in earlier versions, you can manually set the arguments in +the Catalyst Request object: + + # version 5.30 and later: + $c->forward('/wherever', [qw/arg1 arg2 arg3/]); + + # pre-5.30 + $c->req->args([qw/arg1 arg2 arg3/]); + $c->forward('/wherever'); + +(See L for more information on +passing arguments via C.) + +=head2 Configure your application + +You configure your application with the C method in your +application class. This can be hard-coded, or brought in from a +separate configuration file. + +=head3 Using YAML + +YAML is a method for creating flexible and readable configuration +files. It's a great way to keep your Catalyst application configuration +in one easy-to-understand location. + +In your application class (e.g. C): + + use YAML; + # application setup + __PACKAGE__->config( YAML::LoadFile(__PACKAGE__->config->{'home'} . '/myapp.yml') ); + __PACKAGE__->setup; + +Now create C in your application home: + + --- #YAML:1.0 + # DO NOT USE TABS FOR INDENTATION OR label/value SEPARATION!!! + name: MyApp + + # authentication; perldoc Catalyst::Plugin::Authentication::CDBI + authentication: + user_class: 'MyApp::M::MyDB::Customer' + user_field: 'username' + password_field: 'password' + password_hash: 'md5' + role_class: 'MyApp::M::MyDB::Role' + user_role_class: 'MyApp::M::MyDB::PersonRole' + user_role_user_field: 'person' + + # session; perldoc Catalyst::Plugin::Session::FastMmap + session: + expires: '3600' + rewrite: '0' + storage: '/tmp/myapp.session' + + # emails; perldoc Catalyst::Plugin::Email + # this passes options as an array :( + email: + - SMTP + - localhost + +This is equivalent to: + + # configure base package + __PACKAGE__->config( name => MyApp ); + # configure authentication + __PACKAGE__->config->{authentication} = { + user_class => 'MyApp::M::MyDB::Customer', + ... + }; + # configure sessions + __PACKAGE__->config->{session} = { + expires => 3600, + ... + }; + # configure email sending + __PACKAGE__->config->{email} = [qw/SMTP localhost/]; + +See also L. =head1 AUTHOR Sebastian Riedel, C +Danijel Milicevic, C +Viljo Marrandi, C +Marcus Ramberg, C +Jesse Sheidlower, C +Andy Grundman, C +Marcus Ramberg C +Chisel Wright C =head1 COPYRIGHT -This program is free software, you can redistribute it and/or modify it under -the same terms as Perl itself. +This program is free software, you can redistribute it and/or modify it +under the same terms as Perl itself.