+1.006 2008-10-06
+ - Added username_field configuration option. I need this to play
+ nice with Catalyst::Authentication::Store::Tangram.
+
1.005 2008-09-25
- Added better description of the use of the domains and
use_uri_for options (info culled from RFC2617).
. Test 'algorithm' config / MD5-sess properly.
. Full implementation of MD5-sess with remote authentication service.
. Domain option should be able to be passed as config.
-. Support for NTLM auth?
\ No newline at end of file
+. Support for NTLM auth?
+. Config verification / validation on construction.
+. Test all config parameters (esp username_field)
\ No newline at end of file
__PACKAGE__->mk_accessors(qw/_config realm/);
}
-our $VERSION = "1.005";
+our $VERSION = "1.006";
sub new {
my ($class, $config, $app, $realm) = @_;
+ $config->{username_field} ||= 'username';
my $self = { _config => $config, _debug => $app->debug };
bless $self, $class;
my $headers = $c->req->headers;
if ( my ( $username, $password ) = $headers->authorization_basic ) {
- my $user_obj = $realm->find_user( { username => $username }, $c);
+ my $user_obj = $realm->find_user( { $self->_config->{username_field} => $username }, $c);
if (ref($user_obj)) {
if ($self->check_password($user_obj, {$self->_config->{password_field} => $password})) {
$c->set_authenticated($user_obj);
my $user;
unless ( $user = $auth_info->{user} ) {
- $user = $realm->find_user( { username => $username }, $c);
+ $user = $realm->find_user( { $self->_config->{username_field} => $username }, $c);
}
unless ($user) { # no user, no authentication
$c->log->debug("Unable to locate user matching user info provided") if $c->debug;
The name of accessor used to retrieve the value of the password field from the user object. Same usage as in
L<Catalyst::Authentication::Credential::Password|Catalyst::Authentication::Credential::Password/password_field>
+=item username_field
+
+The field name that the user's username is mapped into when finding the user from the realm. Defaults to 'username'.
+
=item use_uri_for
If this configuration key has a true value, then the domain(s) for the authorization header will be