X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FManual%2FTutorial%2FAuthentication.pod;h=26707fee82c2911fc3ec8c9ae6b978d47a5a54bb;hb=d0afb3a93f0c51d32e9074957fff4e8b5aae0369;hp=0c8e2b348e841028f69d6944326c5023e4294294;hpb=33aee7ed93ee23ff174aa8affcaf935148a67230;p=catagits%2FCatalyst-Runtime.git diff --git a/lib/Catalyst/Manual/Tutorial/Authentication.pod b/lib/Catalyst/Manual/Tutorial/Authentication.pod index 0c8e2b3..26707fe 100644 --- a/lib/Catalyst/Manual/Tutorial/Authentication.pod +++ b/lib/Catalyst/Manual/Tutorial/Authentication.pod @@ -45,7 +45,7 @@ L =item 9 -L +L =back @@ -63,8 +63,7 @@ B: Note that all of the code for this part of the tutorial can be pulled from the Catalyst Subversion repository in one step with the following command: - svn checkout http://dev.catalyst.perl.org/repos/Catalyst/trunk/examples/Tutorial@### - IMPORTANT: Does not work yet. Will be completed for final version. + svn co http://dev.catalyst.perl.org/repos/Catalyst/tags/examples/Tutorial/MyApp/5.7/Authentication MyApp =head1 BASIC AUTHENTICATION @@ -414,15 +413,21 @@ you could have a C controller with both C and C actions. Remember, Catalyst is designed to be very flexible, and leaves such matters up to you, the designer and programmer. -Then open C and add: +Then open C, locate the C method (this was automatically inserted by the helpers when we +created the Login controller above), and delete this line: - =head2 base + $c->response->body('Matched MyApp::Controller::Login in Login.'); + +Then update it to match: + + =head2 index Login logic =cut - sub base :Path :Args(0) { + sub index : Private { my ($self, $c) = @_; # Get the username and password from form @@ -453,29 +458,34 @@ at the login page but receive an error message. If the C and C values are not present in the form, the user will be taken to the empty login form. -We are using C here to specifically match -the URL C. C actions (aka, "literal actions") create URI -matches relative to the namespace of the controller where they are defined. -Although C supports arguments that allow relative and absolute paths -to be defined, here we use an empty C definition to match on just the -name of the controller itself. The method name, C, is arbitrary. -We make the match even more specific with the C<:Args(0)> action modifier --- this forces the match on I C, not C. - Note that we could have used something like C; however, the use of C actions is discouraged because it does not receive path args as with other actions. The recommended practice is to only use C in C. -Next, create a corresponding method in C: +Another option would be to use something like +C (where the C<...> refers to the login +code shown in C above). We are using C here to specifically match the URL C. +C actions (aka, "literal actions") create URI matches relative to +the namespace of the controller where they are defined. Although +C supports arguments that allow relative and absolute paths to be +defined, here we use an empty C definition to match on just the +name of the controller itself. The method name, C, is arbitrary. +We make the match even more specific with the C<:Args(0)> action +modifier -- this forces the match on I C, not +C. - =head2 base +Next, update the corresponding method in C +to match: + + =head2 index Logout logic =cut - sub base :Path :Args(0) { + sub index : Private { my ($self, $c) = @_; # Clear the user's state @@ -485,8 +495,9 @@ Next, create a corresponding method in C: $c->response->redirect($c->uri_for('/')); } -Note that we are using the same C style -of action as with the login logic. +As with the login controller, be sure to delete the +C<$c->response->body('Matched MyApp::Controller::Logout in Logout.');> +line of the C. =head2 Add a Login Form TT Template Page @@ -533,11 +544,17 @@ the following method: # Note that 'auto' runs after 'begin' but before your actions and that # 'auto' "chain" (all from application path to most specific class are run) + # See the 'Actions' section of 'Catalyst::Manual::Intro' for more info. sub auto : Private { my ($self, $c) = @_; - # Allow unauthenticated users to reach the login page - if ($c->request->path =~ /login/) { + # Allow unauthenticated users to reach the login page. This + # allows anauthenticated users to reach any action in the Login + # controller. To lock it down to a single action, we could use: + # if ($c->action eq $c->controller('Login')->action_for('index')) + # to only allow unauthenticated access to the C action we + # added above. + if ($c->controller eq $c->controller('Login')) { return 1; } @@ -575,9 +592,18 @@ C, C, and C. =item * +With C, C, C, C private actions, only the +most specific action of each type will be called. For example, if you +define a C action in your controller it will I a +C action in your application/root controller -- I the +action in your controller will be called. + +=item * + Unlike the other actions where only a single method is called for each request, I auto action along the chain of namespaces will be -called. +called. Each C action will be called I. =back @@ -654,11 +680,11 @@ bottom: Create

-Reload your browser and you should now see a "Login" and "Create" links -at the bottom of the page (as mentioned earlier, you can update -template files without reloading the development server). Click this -link to return to the login page. This time you I see the -"You are already logged in" message. +Reload your browser and you should now see a "Login" and "Create" links +at the bottom of the page (as mentioned earlier, you can update template +files without reloading the development server). Click the first link +to return to the login page. This time you I see the "You are +already logged in" message. Finally, click the C link on the C page. You should stay at the login page, but the message should change to "You @@ -740,7 +766,8 @@ C are new, everything else is the same): # This is the model object created by Catalyst::Model::DBIC from your # schema (you created 'MyAppDB::User' but as the Catalyst startup # debug messages show, it was loaded as 'MyApp::Model::MyAppDB::User'). - # NOTE: Omit 'MyApp::Model' to avoid a component lookup issue in Catalyst 5.66 + # NOTE: Omit 'MyApp::Model' here just as you would when using + # '$c->model("MyAppDB::User)' user_class: MyAppDB::User # This is the name of the field in your 'users' table that contains the user's name user_field: username @@ -764,13 +791,22 @@ You should now be able to go to L and login as before. When done, click the "Logout" link on the login page (or point your browser at L). +B If you receive the debug screen in your browser with a +C error message, +make sure that you are using v0.07 of +L. +The following command can be a useful way to quickly dump the version number +of this module on your system: + + perl -MCatalyst::Plugin::Authorization::ACL -e 'print $Catalyst::Plugin::Authorization::ACL::VERSION, "\n";' + =head1 AUTHOR Kennedy Clark, C Please report any errors, issues or suggestions to the author. The -most recent version of the Catlayst Tutorial can be found at +most recent version of the Catalyst Tutorial can be found at L. Copyright 2006, Kennedy Clark, under Creative Commons License