X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FManual%2FTutorial%2FAuthentication.pod;h=8c247262dfd5ef19116deba708c8abc01e97211b;hb=3778bcbe622622881133e21002eea4179453c2f0;hp=46b061c7a605081a3af6a466b80d309d8d87025b;hpb=5e6026272f809951ac22fae43b73d2c1dc79c7fc;p=catagits%2FCatalyst-Manual.git
diff --git a/lib/Catalyst/Manual/Tutorial/Authentication.pod b/lib/Catalyst/Manual/Tutorial/Authentication.pod
index 46b061c..8c24726 100644
--- a/lib/Catalyst/Manual/Tutorial/Authentication.pod
+++ b/lib/Catalyst/Manual/Tutorial/Authentication.pod
@@ -50,6 +50,16 @@ L
=back
+=head1 IMPORTANT NOTE
+
+Since this tutorial was written, there has been a new Authentication
+API released (Catalyst::Plugin::Authentication version 0.1 and later).
+Some of this tutorial does not work with this API, and requires
+minimal changes. For an example application that uses the new API see
+L. It
+is recommended that you read this tutorial first, and then download
+the source code linked above to understand the differences.
+
=head1 DESCRIPTION
Now that we finally have a simple yet functional application, we can
@@ -339,23 +349,32 @@ Edit C and update it as follows (everything below C is
StackTrace
Authentication
- Authentication::Store::DBIC
- Authentication::Credential::Password
Session
Session::Store::FastMmap
Session::State::Cookie
/;
-The three C plugins work together to support
+The C plugin supports
Authentication while the C plugins are required to maintain
-state across multiple HTTP requests. Note that there are several
-options for L
+state across multiple HTTP requests.
+
+Note that the only required Authentication class is the main
+one. This is a change that occured in version 0.09999_01
+of the C plugin. You B to specify a
+particular Authentication::Store or Authentication::Credential plugin.
+Instead, indicate the Store and Credential you want to use in your application
+configuration (see below).
+
+Note that there are several
+options for L
(L
is generally a good choice if you are on Unix; try
-L if you are on
-Win32) -- consult L and
-its subclasses for additional information.
+L if you
+are on Win32) -- consult
+L and its subclasses
+for additional information and options (for example to use a
+database-backed session store).
=head2 Configure Authentication
@@ -373,21 +392,25 @@ C YAML and update it to match:
---
name: MyApp
authentication:
- dbic:
- # Note this first definition would be the same as setting
- # __PACKAGE__->config->{authentication}->{dbic}->{user_class} = 'MyAppDB::User'
- # in lib/MyApp.pm (IOW, each hash key becomes a "name:" in the YAML file).
- #
+ default_realm: dbic
+ realms:
+ dbic:
+ credential:
+ class: Password
+ password_field: password
+ password_type: self_check
+ store:
+ class: DBIx::Class
# This is the model object created by Catalyst::Model::DBIC from your
# schema (you created 'MyAppDB::User' but as the Catalyst startup
# debug messages show, it was loaded as 'MyApp::Model::MyAppDB::User').
# NOTE: Omit 'MyApp::Model' to avoid a component lookup issue in Catalyst 5.66
- user_class: MyAppDB::User
+ user_class: MyApp::Users
# This is the name of the field in your 'users' table that contains the user's name
- user_field: username
- # This is the name of the field in your 'users' table that contains the password
- password_field: password
- # Other options can go here for hashed passwords
+ id_field: username
+ role_relation: roles
+ role_field: rolename
+ ignore_fields_in_find: [ 'remote_name' ]
Inline comments in the code above explain how each field is being used.
@@ -434,7 +457,8 @@ Then update it to match:
# If the username and password values were found in form
if ($username && $password) {
# Attempt to log the user in
- if ($c->login($username, $password)) {
+ if ($c->authenticate({ username => $username,
+ password => $password} )) {
# If successful, then let them use the application
$c->response->redirect($c->uri_for('/books/list'));
return;
@@ -449,11 +473,11 @@ Then update it to match:
}
This controller fetches the C and C values from the
-login form and attempts to perform a login. If successful, it redirects
-the user to the book list page. If the login fails, the user will stay
-at the login page but receive an error message. If the C and
-C values are not present in the form, the user will be taken
-to the empty login form.
+login form and attempts to authenticate the user. If successful, it
+redirects the user to the book list page. If the login fails, the user
+will stay at the login page but receive an error message. If the
+C and C values are not present in the form, the
+user will be taken to the empty login form.
Note that we could have used something like C;
however, the use of C actions is discouraged because it does
@@ -634,6 +658,7 @@ lines to the bottom of the file:
TT code, it's probably a little too subtle for use in "normal"
comments.
%]
+
Although most of the code is comments, the middle few lines provide a
"you are already logged in" reminder if the user returns to the login
@@ -869,7 +894,7 @@ Kennedy Clark, C
Please report any errors, issues or suggestions to the author. The
most recent version of the Catalyst Tutorial can be found at
-L.
+L.
Copyright 2006, Kennedy Clark, under Creative Commons License
(L).