X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FPlugin%2FAuthentication.pm;h=1ea5b7ac84e53f76e9bc328a0e6e03371d0b0f9c;hb=0c4fbc79e50eadae9616dab21b9be132ed6cc98c;hp=11d25f00b9c24c7fbe970b28c1b611e1c8163022;hpb=97c842974905e0cdd9a5fc7e7bd1ce39f57fdae1;p=catagits%2FCatalyst-Plugin-Authentication.git diff --git a/lib/Catalyst/Plugin/Authentication.pm b/lib/Catalyst/Plugin/Authentication.pm index 11d25f0..1ea5b7a 100644 --- a/lib/Catalyst/Plugin/Authentication.pm +++ b/lib/Catalyst/Plugin/Authentication.pm @@ -2,18 +2,17 @@ package Catalyst::Plugin::Authentication; use base qw/Class::Accessor::Fast Class::Data::Inheritable/; -BEGIN { - __PACKAGE__->mk_accessors(qw/_user/); -} +__PACKAGE__->mk_accessors(qw/_user/); use strict; use warnings; +use MRO::Compat; use Tie::RefHash; use Class::Inspector; use Catalyst::Authentication::Realm; -our $VERSION = "0.100092"; +our $VERSION = "0.10011"; sub set_authenticated { my ( $c, $user, $realmname ) = @_; @@ -34,7 +33,7 @@ sub set_authenticated { $c->persist_user(); - $c->NEXT::set_authenticated($user, $realmname); + $c->maybe::next::method($user, $realmname); } sub user { @@ -99,7 +98,7 @@ sub persist_user { ## if we have a valid session handler - we store the ## realm in the session. If not - we have to hope that ## the realm can recognize its frozen user somehow. - if ($c->isa("Catalyst::Plugin::Session") && + if ($c->can('session') && $c->config->{'Plugin::Authentication'}{'use_session'} && $c->session_is_valid) { @@ -132,7 +131,7 @@ sub logout { $realm->remove_persisted_user($c); } - $c->NEXT::logout(@_); + $c->maybe::next::method(@_); } sub find_user { @@ -154,7 +153,7 @@ sub find_realm_for_persisted_user { my $c = shift; my $realm; - if ($c->isa("Catalyst::Plugin::Session") + if ($c->can('session') and $c->config->{'Plugin::Authentication'}{'use_session'} and $c->session_is_valid and exists($c->session->{'__user_realm'})) { @@ -189,7 +188,7 @@ sub auth_restore_user { $c->_user( my $user = $realm->restore_user( $c, $frozen_user ) ); # this sets the realm the user originated in. - $user->auth_realm($realm->name); + $user->auth_realm($realm->name) if $user; return $user; @@ -201,7 +200,7 @@ sub setup { my $app = shift; $app->_authentication_initialize(); - $app->NEXT::setup(@_); + $app->next::method(@_); } ## the actual initialization routine. whee. @@ -799,14 +798,24 @@ new source. The rest of your application is completely unchanged. } }; +NOTE: Until version 0.10008 of this module, you would need to put all the +realms inside a "realms" key in the configuration. Please see +L for more information + =over 4 =item use_session Whether or not to store the user's logged in state in the session, if the -application is also using L. This +application is also using L. This value is set to true per default. +However, even if use_session is disabled, if any code touches $c->session, a session +object will be auto-vivified and session Cookies will be sent in the headers. To +prevent accidental session creation, check if a session already exists with +if ($c->sessionid) { ... }. If the session doesn't exist, then don't place +anything in the session to prevent an unecessary session from being created. + =item default_realm This defines which realm should be used as when no realm is provided to methods @@ -922,6 +931,12 @@ Retrieves the realm instance for the realmname provided. This was a short-lived method to update user information - you should use persist_user instead. +=head2 $c->setup_auth_realm( ) + +=head1 OVERRIDDEN METHODS + +=head2 $c->setup( ) + =head1 SEE ALSO This list might not be up to date. Below are modules known to work with the updated @@ -933,12 +948,43 @@ L =head2 User Storage Backends -L, -L, +=over + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L + +=back =head2 Credential verification -L, +=over + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L =head2 Authorization @@ -960,11 +1006,6 @@ This module along with its sub plugins deprecate a great number of other modules. These include L, L. -At the time of writing these plugins have not yet been replaced or updated, but -should be eventually: L, -L, -L. - =head1 INCOMPATABILITIES The realms-based configuration and functionality of the 0.10 update @@ -977,6 +1018,25 @@ configs. The changes required to update modules are relatively minor and are covered in L. We hope that most modules will move to the compatible list above very quickly. +=head1 COMPATIBILITY CONFIGURATION + +Until version 0.10008 of this module, you needed to put all the +realms inside a "realms" key in the configuration. + + # example + __PACKAGE__->config->{'Plugin::Authentication'} = + { + default_realm => 'members', + realms => { + members => { + ... + }, + }, + }; + +If you use the old, deprecated C<< __PACKAGE__->config->{'authentication'} >> +configuration key, then the realms key is still required. + =head1 COMPATIBILITY ROUTINES In version 0.10 of L, the API @@ -1037,10 +1097,6 @@ Register stores into the application. =head2 $c->get_user( ) -=head2 $c->setup( ) - -=head2 $c->setup_auth_realm( ) - =head1 AUTHORS Yuval Kogman, C