X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FPlugin%2FAuthentication.pm;h=ca0c4251e38a400ef8900c37e89791f972607490;hb=cb5d628d9f1a02fda5e195f39fff589139456186;hp=223119f15c15c2e4e9b114fec82b3e8954ba0abc;hpb=47cede3dc7cd480eb566a4eb4cfca05e87ab2df8;p=catagits%2FCatalyst-Plugin-Authentication.git diff --git a/lib/Catalyst/Plugin/Authentication.pm b/lib/Catalyst/Plugin/Authentication.pm index 223119f..ca0c425 100644 --- a/lib/Catalyst/Plugin/Authentication.pm +++ b/lib/Catalyst/Plugin/Authentication.pm @@ -12,7 +12,7 @@ use Tie::RefHash; use Class::Inspector; use Catalyst::Authentication::Realm; -our $VERSION = "0.10010"; +our $VERSION = "0.10013"; sub set_authenticated { my ( $c, $user, $realmname ) = @_; @@ -98,7 +98,7 @@ sub persist_user { ## if we have a valid session handler - we store the ## realm in the session. If not - we have to hope that ## the realm can recognize its frozen user somehow. - if ($c->isa("Catalyst::Plugin::Session") && + if ($c->can('session') && $c->config->{'Plugin::Authentication'}{'use_session'} && $c->session_is_valid) { @@ -153,7 +153,7 @@ sub find_realm_for_persisted_user { my $c = shift; my $realm; - if ($c->isa("Catalyst::Plugin::Session") + if ($c->can('session') and $c->config->{'Plugin::Authentication'}{'use_session'} and $c->session_is_valid and exists($c->session->{'__user_realm'})) { @@ -165,10 +165,10 @@ sub find_realm_for_persisted_user { } else { ## we have no choice but to ask each realm whether it has a persisted user. foreach my $realmname (@{$c->_auth_realm_restore_order}) { - my $ret = $c->auth_realms->{$realmname}->user_is_restorable($c); - if ($ret) { - return $c->auth_realms->{$realmname}; - } + my $realm = $c->auth_realms->{$realmname} + || Catalyst::Exception->throw("Could not find authentication realm '$realmname'"); + return $realm + if $realm->user_is_restorable($c); } } return undef; @@ -626,7 +626,7 @@ This means that our application will begin like this: Authentication /; - __PACKAGE__->config->{'Plugin::Authentication'} = + __PACKAGE__->config( 'Plugin::Authentication' => { default => { credential => { @@ -649,7 +649,8 @@ This means that our application will begin like this: } } } - }; + } + ); This tells the authentication plugin what realms are available, which credential and store modules are used, and the configuration of each. With @@ -745,7 +746,7 @@ efficient to maintain a hash of users, so you move this data to a database. You can accomplish this simply by installing the L Store and changing your config: - __PACKAGE__->config->{'Plugin::Authentication'} = + __PACKAGE__->config( 'Plugin::Authentication'} => { default_realm => 'members', members => { @@ -760,7 +761,8 @@ changing your config: role_column => 'roles' } } - }; + } + ); The authentication system works behind the scenes to load your data from the new source. The rest of your application is completely unchanged. @@ -769,7 +771,7 @@ new source. The rest of your application is completely unchanged. =head1 CONFIGURATION # example - __PACKAGE__->config->{'Plugin::Authentication'} = + __PACKAGE__->config( 'Plugin::Authentication' => { default_realm => 'members', @@ -796,16 +798,27 @@ new source. The rest of your application is completely unchanged. authserver => '192.168.10.17' } } - }; + } + ); + +NOTE: Until version 0.10008 of this module, you would need to put all the +realms inside a "realms" key in the configuration. Please see +L for more information =over 4 =item use_session Whether or not to store the user's logged in state in the session, if the -application is also using L. This +application is also using L. This value is set to true per default. +However, even if use_session is disabled, if any code touches $c->session, a session +object will be auto-vivified and session Cookies will be sent in the headers. To +prevent accidental session creation, check if a session already exists with +if ($c->sessionid) { ... }. If the session doesn't exist, then don't place +anything in the session to prevent an unecessary session from being created. + =item default_realm This defines which realm should be used as when no realm is provided to methods @@ -921,6 +934,12 @@ Retrieves the realm instance for the realmname provided. This was a short-lived method to update user information - you should use persist_user instead. +=head2 $c->setup_auth_realm( ) + +=head1 OVERRIDDEN METHODS + +=head2 $c->setup( ) + =head1 SEE ALSO This list might not be up to date. Below are modules known to work with the updated @@ -932,12 +951,45 @@ L =head2 User Storage Backends -L, -L, +=over + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L + +=back =head2 Credential verification -L, +=over + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L + +=item L + +=back =head2 Authorization @@ -959,11 +1011,6 @@ This module along with its sub plugins deprecate a great number of other modules. These include L, L. -At the time of writing these plugins have not yet been replaced or updated, but -should be eventually: L, -L, -L. - =head1 INCOMPATABILITIES The realms-based configuration and functionality of the 0.10 update @@ -976,6 +1023,26 @@ configs. The changes required to update modules are relatively minor and are covered in L. We hope that most modules will move to the compatible list above very quickly. +=head1 COMPATIBILITY CONFIGURATION + +Until version 0.10008 of this module, you needed to put all the +realms inside a "realms" key in the configuration. + + # example + __PACKAGE__->config( 'Plugin::Authentication'} => + { + default_realm => 'members', + realms => { + members => { + ... + }, + }, + } + ); + +If you use the old, deprecated C<< __PACKAGE__->config( 'authentication' ) >> +configuration key, then the realms key is still required. + =head1 COMPATIBILITY ROUTINES In version 0.10 of L, the API @@ -1007,7 +1074,7 @@ included here for reference only. Return the store whose name is 'default'. -This is set to C<< $c->config->{'Plugin::Authentication'}{store} >> if that value exists, +This is set to C<< $c->config( 'Plugin::Authentication' => { store => # Store} ) >> if that value exists, or by using a Store plugin: # load the Minimal authentication store. @@ -1036,10 +1103,6 @@ Register stores into the application. =head2 $c->get_user( ) -=head2 $c->setup( ) - -=head2 $c->setup_auth_realm( ) - =head1 AUTHORS Yuval Kogman, C @@ -1050,7 +1113,11 @@ Jess Robinson David Kamholz -Tomas Doran (t0m), C +Tomas Doran (t0m), C + +kmx + +Nigel Metheringham =head1 COPYRIGHT & LICENSE