X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2Fstemmaweb%2FController%2FUsers.pm;h=32f629fcd8c0f87df411ca57cc044b0c64b3c97c;hb=3f7346b1ac3ccc20e75cf0c8acb9081a8f100be6;hp=71ee603eefd516c8cecc3f6c0adf08ceef953143;hpb=b600c671666d04ca851466d1de3970b6704be169;p=scpubgit%2Fstemmaweb.git

diff --git a/lib/stemmaweb/Controller/Users.pm b/lib/stemmaweb/Controller/Users.pm
index 71ee603..32f629f 100644
--- a/lib/stemmaweb/Controller/Users.pm
+++ b/lib/stemmaweb/Controller/Users.pm
@@ -3,6 +3,7 @@ use Moose;
 use namespace::autoclean;
 
 BEGIN {extends 'CatalystX::Controller::Auth'; }
+with 'Catalyst::TraitFor::Controller::reCAPTCHA';
 
 =head1 NAME
 
@@ -10,7 +11,13 @@ stemmaweb::Controller::Users - Catalyst Controller
 
 =head1 DESCRIPTION
 
-Catalyst Controller.
+The Users controller is based on L<CatalystX::Controller::Auth>, see
+there for most of the functionality. Any localised parts are described
+below.
+
+This controller uses L<Catalyst::TraitFor::Controller::reCAPTCHA> to
+create and check a reCaptcha form shown on the C<register> form to
+help prevent spam signups.
 
 =head1 METHODS
 
@@ -25,6 +32,8 @@ sub base :Chained('/') :PathPart('') :CaptureArgs(0)
 
 =head2 index
 
+The index action is not currently used.
+
 =cut
 
 sub index :Path :Args(0) {
@@ -33,12 +42,75 @@ sub index :Path :Args(0) {
     $c->response->body('Matched stemmaweb::Controller::Users in Users.');
 }
 
+=head2 login with openid
+
+Logging in with openid/google requires two passes through the login
+action, on the 2nd pass the C<openid-check> value is passed in when
+the openid providing webserver links the user back to the stemmaweb
+site. This adaptation to the C<login> action sets the realm we are
+authenticating against to be C<openid> in this case.
+
+=cut
+
 before login => sub {
   my($self, $c) = @_;
   $c->req->param( realm => 'openid')
     if $c->req->param('openid-check');
 };
 
+=head2 register with recaptcha
+
+This adapts the C<register> action to add the recaptcha HTML to the
+page, and verify the recaptcha info entered is correct when the form
+is submitted. If the recaptcha is not correct, we just redisplay the
+form with an error message.
+
+=cut
+
+before register => sub {
+    my ($self, $c) = @_;
+
+    ## Puts HTML into stash in "recaptcha" key.
+    $c->forward('captcha_get');
+
+    ## When submitting, check recaptcha passes, else re-draw form
+    if($c->req->method eq 'POST') {
+        if(!$c->forward('captcha_check')) {
+            
+            ## Need these two lines to detach, so end can draw the correct template again:
+            my $form = $self->form_handler->new( active => [ $self->login_id_field, 'password', 'confirm_password' ] );
+            $c->stash( template => $self->register_template, form => $form );
+
+            $c->detach();
+        }
+    }
+};
+
+=head2 success
+
+A stub page returned on login / registration success.
+
+=cut
+
+sub success :Local :Args(0) {
+    my ( $self, $c ) = @_;
+
+	$c->load_status_msgs;
+    $c->stash->{template} = 'auth/success.tt';
+}
+
+=head2 post_logout
+
+Return to the index page, not to the login page.
+
+=cut
+
+sub post_logout {
+	my( $self, $c ) = @_;
+	$c->response->redirect( $c->uri_for_action( '/index' ) );
+	$c->detach;
+}
+
 =head1 AUTHOR
 
 A clever guy