1 package Catalyst::Authentication::Realm::SimpleDB;
5 use Catalyst::Exception;
6 use base qw/Catalyst::Authentication::Realm/;
9 my ($class, $realmname, $config, $app) = @_;
14 password_type => 'clear'
17 class => 'DBIx::Class',
18 role_relation => 'roles',
20 use_userdata_from_session => '1'
24 if (!defined($config->{'user_model'})) {
25 Catalyst::Exception->throw("Unable to initialize authentication, no user_model specified in SimpleDB config.");
29 ## load any overrides for the credential
30 foreach my $key (qw/ password_type password_field password_hash_type/) {
31 if (exists($config->{$key})) {
32 $newconfig->{credential}{$key} = $config->{$key};
36 ## load any overrides for the store
37 foreach my $key (qw/ user_model role_relation role_field role_column use_userdata_from_session/) {
38 if (exists($config->{$key})) {
39 $newconfig->{store}{$key} = $config->{$key};
42 if (exists($newconfig->{'store'}{'role_column'})) {
43 delete $newconfig->{'store'}{'role_relation'};
44 delete $newconfig->{'store'}{'role_field'};
47 return $class->SUPER::new($realmname, $newconfig, $app);
55 Catalyst::Authentication::Realm::SimpleDB - A simplified Catalyst authentication configurator.
63 __PACKAGE__->config->{'Plugin::Authentication'} =
67 user_class => 'MyApp::User'
72 $c->authenticate({ username => 'myusername',
73 password => 'mypassword' });
75 my $age = $c->user->get('age');
82 The Catalyst::Authentication::Realm::SimpleDB provides a simple way to configure Catalyst Authentication
83 when using the most common configuration of a password protected user retrieved from an SQL database.
87 The SimpleDB Realm class configures the Catalyst authentication system based on the following:
92 Your user data is stored in a table that is accessible via $c->model('User');
95 Your passwords are stored in the 'password' field in your users table and are not encrypted.
98 Your roles for users are stored in a separate table and are directly
99 accessible via a DBIx::Class relationship called 'roles' and the text of the
100 role is stored in a field called 'role' within the role table.
103 Your user information is stored in the session once the user is authenticated.
107 For the above usage, only one configuration option is necessary, 'user_class'.
108 B<user_class> should contain the class name of your user class. See the
109 L</PREPARATION> section for info on how to set up your database for use with
112 If your system differs from the above, some minor configuration may be
113 necessary. The options available are detailed below. These options match the
114 configuration options used by the underlying credential and store modules.
115 More information on these options can be found in
116 L<Catalyst::Authentication::Credential::Password> and
117 L<Catalyst::Authentication::Store::DBIx::Class>.
123 Contains the class name (as passed to $c->model() ) of the DBIx::Class schema
124 to use as the source for user information. This config item is B<REQUIRED>.
128 If your password field is not 'password' set this option to the name of your password field. Note that if you change this
129 to, say 'users_password' you will need to use that in the authenticate call:
131 $c->authenticate({ username => 'bob', users_password => 'foo' });
135 If the password is not stored in plaintext you will need to define what format the password is in. The common options are
136 B<crypted> and B<hashed>. Crypted uses the standard unix crypt to encrypt the password. Hashed uses the L<Digest> modules to
137 perform password hashing.
139 =item password_hash_type
141 If you use a hashed password type - this defines the type of hashing. See L<Catalyst::Authentication::Credential::Password>
142 for more details on this setting.
146 If your users roles are stored directly in your user table, set this to the column name that contains your roles. For
147 example, if your user table contains a field called 'permissions', the value of role_column would be 'permissions'.
148 B<NOTE>: If multiple values are stored in the role column, they should be space or pipe delimited.
150 =item role_relation and role_field
152 These define an alternate role relationship name and the column that holds the role's name in plain text. See
153 L<Catalyst::Authentication::Store::DBIx::Class/CONFIGURATION> for more details on these settings.
155 =item use_userdata_from_session
157 This is a simple 1 / 0 setting which determines how a user's data is saved / restored from the session. If
158 it is set to 1, the user's complete information (at the time of authentication) is cached between requests.
159 If it is set to 0, the users information is loaded from the database on each request.
166 This module makes several assumptions about the structure of your database.
167 Below is an example of a table structure which will function with this module
168 in it's default configuration. You can use this table structure as-is or add
169 additional fields as necessary. B<NOTE> that this is the default SimpleDB
170 configuration only. Your table structure can differ significantly from this
171 when using the L<DBIx::Class
172 Store|Catalyst::Authentication::Store::DBIx::Class/> directly.
176 -- note that you can add any additional columns you require to the users table.
179 id INTEGER PRIMARY KEY,
185 id INTEGER PRIMARY KEY,
188 CREATE TABLE user_roles (
191 PRIMARY KEY (user_id, role_id)
194 Also, after you have loaded this table structure into your DBIx::Class schema,
195 please be sure that you have a many_to_many DBIx::Class relationship defined
196 for the users to roles relation. Your schema files should contain something
199 C<lib/MyApp/Schema/Users.pm>:
201 __PACKAGE__->has_many(map_user_role => 'MyApp::Schema::UserRoles', 'user_id');
202 __PACKAGE__->many_to_many(roles => 'map_user_role', 'role');
204 C<lib/MyApp/Schema/UserRoles.pm>:
206 __PACKAGE__->belongs_to(role => 'MyApp::Schema::Roles', 'role_id');
210 If and when your application becomes complex enough that you need more features
211 than SimpleDB gives you access to, you can migrate to a standard Catalyst
212 Authentication configuration fairly easily. SimpleDB simply creates a standard
213 Auth config based on the inputs you give it. The config SimpleDB creates by default
216 MyApp->config('Plugin::Authentication') = {
220 password_type => 'clear'
223 class => 'DBIx::Class',
224 role_relation => 'roles',
225 role_field => 'role',
226 use_userdata_from_session => '1',
227 user_model => $user_model_from_simpledb_config
235 This module relies on a number of other modules to do it's job. For more information
236 you can refer to the following:
241 L<Catalyst::Manual::Tutorial::Authentication>
244 L<Catalyst::Plugin::Authentication>
247 L<Catalyst::Authentication::Credential::Password>
250 L<Catalyst::Authentication::Store::DBIx::Class>
253 L<Catalyst::Plugin::Authorization::Roles>