X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FManual%2FTutorial%2FAuthentication.pod;h=f58e2d6b986e80bdde8d12582a995e6cd0d336f9;hb=d645910ddfb37f5c18acaf6ce88fd392a91101db;hp=0b06b2b92a91e348f10c1633a328dc00d7a696cf;hpb=7e5eb02c6b73fe449f282d5ac54f319463a46c3c;p=catagits%2FCatalyst-Runtime.git

diff --git a/lib/Catalyst/Manual/Tutorial/Authentication.pod b/lib/Catalyst/Manual/Tutorial/Authentication.pod
index 0b06b2b..f58e2d6 100644
--- a/lib/Catalyst/Manual/Tutorial/Authentication.pod
+++ b/lib/Catalyst/Manual/Tutorial/Authentication.pod
@@ -63,7 +63,7 @@ B<TIP>: Note that all of the code for this part of the tutorial can be
 pulled from the Catalyst Subversion repository in one step with the
 following command:
 
-    svn checkout http://dev.catalyst.perl.org/repos/Catalyst/trunk/examples/Tutorial@###
+    svn checkout http://dev.catalyst.perl.org/repos/Catalyst/trunk/examples/Tutorial@4612 .
     IMPORTANT: Does not work yet.  Will be completed for final version.
 
 
@@ -333,7 +333,7 @@ Again, notice that your "result source" classes have been "re-loaded" by Catalys
 
 =head2 Include Authentication and Session Plugins
 
-Edit C<lib/MyApp.pm> and update it as follows (everything below C<DefaultEnd> is new):
+Edit C<lib/MyApp.pm> and update it as follows (everything below C<StackTrace> is new):
 
     use Catalyst qw/
             -Debug
@@ -341,7 +341,6 @@ Edit C<lib/MyApp.pm> and update it as follows (everything below C<DefaultEnd> is
             Static::Simple
             
             StackTrace
-            DefaultEnd
             
             Authentication
             Authentication::Store::DBIC
@@ -415,7 +414,13 @@ you could have a C<User> controller with both C<login> and C<logout>
 actions.  Remember, Catalyst is designed to be very flexible, and leaves
 such matters up to you, the designer and programmer.
 
-Then open C<lib/MyApp/Controller/Login.pm> and add:
+Then open C<lib/MyApp/Controller/Login.pm>, locate the C<sub index : 
+Private> method (this was automatically inserted by the helpers when we 
+created the Login controller above), and delete this line:
+
+    $c->response->body('Matched MyApp::Controller::Login in Login.');
+
+Then update it to match:
 
     =head2 base
     
@@ -423,7 +428,7 @@ Then open C<lib/MyApp/Controller/Login.pm> and add:
     
     =cut
     
-    sub base :Path :Args(0) {
+    sub index : Private {
         my ($self, $c) = @_;
     
         # Get the username and password from form
@@ -454,20 +459,24 @@ at the login page but receive an error message.  If the C<username> and
 C<password> values are not present in the form, the user will be taken
 to the empty login form.
 
-We are using C<sub base :Path :Args(0) {...}> here to specifically match 
-the URL C</login>.  C<Path> actions (aka, "literal actions") create URI 
-matches relative to the namespace of the controller where they are defined.  
-Although C<Path> supports arguments that allow relative and absolute paths 
-to be defined, here we use an empty C<Path> definition to match on just the 
-name of the controller itself.  The method name, C<base>, is arbitrary.  
-We make the match even more specific with the C<:Args(0)> action modifier 
--- this forces the match on I<only> C</login>, not C</login/somethingelse>.
-
 Note that we could have used something like C<sub default :Private>; 
 however, the use of C<default> actions is discouraged because it does
 not receive path args as with other actions.  The recommended practice 
 is to only use C<default> in C<MyApp::Controller::Root>.
 
+Another options would be to use something like 
+C<sub base :Path :Args(0) {...}> (where the C<...> refers to the login 
+code shown in C<sub index : Private> above). We are using C<sub base 
+:Path :Args(0) {...}> here to specifically match the URL C</login>. 
+C<Path> actions (aka, "literal actions") create URI matches relative to 
+the namespace of the controller where they are defined.  Although 
+C<Path> supports arguments that allow relative and absolute paths to be 
+defined, here we use an empty C<Path> definition to match on just the 
+name of the controller itself.  The method name, C<base>, is arbitrary. 
+We make the match even more specific with the C<:Args(0)> action 
+modifier -- this forces the match on I<only> C</login>, not 
+C</login/somethingelse>.
+
 Next, create a corresponding method in C<lib/MyApp/Controller/Logout.pm>:
 
     =head2 base
@@ -476,7 +485,7 @@ Next, create a corresponding method in C<lib/MyApp/Controller/Logout.pm>:
     
     =cut
     
-    sub base :Path :Args(0) {
+    sub index : Private {
         my ($self, $c) = @_;
     
         # Clear the user's state
@@ -486,8 +495,9 @@ Next, create a corresponding method in C<lib/MyApp/Controller/Logout.pm>:
         $c->response->redirect($c->uri_for('/'));
     }
 
-Note that we are using the same C<sub base :Path :Args(0) {...}> style
-of action as with the login logic.
+As with the login controller, be sure to delete the 
+C<$c->response->body('Matched MyApp::Controller::Logout in Logout.');>
+line of the C<sub index>.
 
 
 =head2 Add a Login Form TT Template Page
@@ -655,11 +665,11 @@ bottom:
       <a href="[% Catalyst.uri_for('form_create') %]">Create</a>
     </p>
 
-Reload your browser and you should now see a "Login" and "Create" links
-at the bottom of the page (as mentioned earlier, you can update 
-template files without reloading the development server).  Click this 
-link to return to the login page.  This time you I<should> see the 
-"You are already logged in" message.
+Reload your browser and you should now see a "Login" and "Create" links 
+at the bottom of the page (as mentioned earlier, you can update template 
+files without reloading the development server).  Click the first link 
+to return to the login page.  This time you I<should> see the "You are 
+already logged in" message.
 
 Finally, click the C<You can logout here> link on the C</login> page.
 You should stay at the login page, but the message should change to "You
@@ -695,6 +705,13 @@ dirty" way to do this:
     e727d1464ae12436e899a726da5b2f11d8381b26
     $
 
+B<Note:> You should probably modify this code for production use to
+not read the password from the command line.  By having the script
+prompt for the cleartext password, it avoids having the password linger
+in forms such as your C<.bash_history> files (assuming you are using
+BASH as your shell).  An example of such a script can be found in
+Appendix 3.
+
 
 =head2 Switch to SHA-1 Password Hashes in the Database
 
@@ -758,12 +775,23 @@ You should now be able to go to L<http://localhost:3000/books/list> and
 login as before.  When done, click the "Logout" link on the login page
 (or point your browser at L<http://localhost:3000/logout>).
 
+B<Note:> If you receive the debug screen in your browser with a 
+C<Can't call method "stash" on an undefined value...> error message,
+make sure that you are using v0.07 of 
+L<Catalyst::Plugin::Authorization::ACL|Catalyst::Plugin::Authorization::ACL>.
+The following command can be a useful way to quickly dump the version number
+of this module on your system:
+
+    perl -MCatalyst::Plugin::Authorization::ACL -e 'print $Catalyst::Plugin::Authorization::ACL::VERSION, "\n";'
+
 
 =head1 AUTHOR
 
 Kennedy Clark, C<hkclark@gmail.com>
 
-Please report any errors, issues or suggestions to the author.
+Please report any errors, issues or suggestions to the author.  The
+most recent version of the Catlayst Tutorial can be found at
+L<http://dev.catalyst.perl.org/repos/Catalyst/trunk/Catalyst-Runtime/lib/Catalyst/Manual/Tutorial/>.
 
 Copyright 2006, Kennedy Clark, under Creative Commons License
 (L<http://creativecommons.org/licenses/by-nc-sa/2.5/>).