X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Manual.git;a=blobdiff_plain;f=lib%2FCatalyst%2FManual%2FTutorial%2FAuthorization.pod;h=5ba80f0a0756ea7f25cd74179494a27060ccda91;hp=5f4e4efc186d03041a5bbc95659a07a0f62850ca;hb=d04961970a25ec3dc831f89be5cd6e27fdec884a;hpb=3533daff0314522f79dff9c618da087568f1378c diff --git a/lib/Catalyst/Manual/Tutorial/Authorization.pod b/lib/Catalyst/Manual/Tutorial/Authorization.pod index 5f4e4ef..5ba80f0 100644 --- a/lib/Catalyst/Manual/Tutorial/Authorization.pod +++ b/lib/Catalyst/Manual/Tutorial/Authorization.pod @@ -92,47 +92,52 @@ Edit C and add C to the list: =head2 Add Config Information for Authorization -Edit C and update it to match the following (the +Edit C and update it to match the following (the C and C definitions are new): - --- - name: MyApp - authentication: - default_realm: dbic - realms: - dbic: - credential: + name MyApp + + default_realm dbic + + + # Note this first definition would be the same as setting # __PACKAGE__->config->{authentication}->{realms}->{dbic} # ->{credential} = 'Password' in lib/MyApp.pm - # (IOW, each hash key becomes a "name:" in the YAML file). # # Specify that we are going to do password-based auth - class: Password + class Password # This is the name of the field in the users table with the # password stored in it - password_field: password - # We are using an unencrypted password now - password_type: clear - store: + password_field password + # Switch to more secure hashed passwords + password_type hashed + # Use the SHA-1 hashing algorithm + password_hash_type SHA-1 + + # Use DBIC to retrieve username, password & role information - class: DBIx::Class + class DBIx::Class # This is the model object created by Catalyst::Model::DBIC - # from your schema (you created 'MyAppDB::User' but as the - # Catalyst startup debug messages show, it was loaded as - # 'MyApp::Model::MyAppDB::Users'). + # from your schema (you created 'MyApp::Schema::User' but as + # the Catalyst startup debug messages show, it was loaded as + # 'MyApp::Model::DB::Users'). # NOTE: Omit 'MyApp::Model' here just as you would when using - # '$c->model("MyAppDB::Users)' - user_class: MyAppDB::Users + # '$c->model("DB::Users)' + user_class DB::Users # This is the name of the field in your 'users' table that # contains the user's name - id_field: username + id_field username # This is the name of a many_to_many relation in the users # object that points to the roles for that user - role_relation: roles + role_relation roles # This is the name of field in the roles table that contains # the role information - role_field: role + role_field role + + + + =head2 Add Role-Specific Logic to the "Book List" Template @@ -194,7 +199,7 @@ updating C to match the following code: if ($c->check_user_roles('admin')) { # Call create() on the book model object. Pass the table # columns/field values we want to set as hash values - my $book = $c->model('MyAppDB::Books')->create({ + my $book = $c->model('DB::Books')->create({ title => $title, rating => $rating });