[catagits/Catalyst-Plugin-Authentication.git] / lib / Catalyst / Plugin / Authentication.pm

#!/usr/bin/perl

package Catalyst::Plugin::Authentication;

use base qw/Class::Accessor::Fast Class::Data::Inheritable/;

BEGIN {
    __PACKAGE__->mk_accessors(qw/_user/);
    __PACKAGE__->mk_classdata($_) for qw/_auth_stores _auth_store_names/;
}

use strict;
use warnings;

use Tie::RefHash;
use Class::Inspector;

#BEGIN {
#	require constant;
#	constant->import(have_want => eval { require Want });
#}

our $VERSION = "0.02";

sub set_authenticated {
    my ( $c, $user ) = @_;

    $c->user($user);
    $c->request->{user} = $user;    # compatibility kludge

    if (    $c->isa("Catalyst::Plugin::Session")
        and $c->config->{authentication}{use_session}
        and $user->supports("session") )
    {
        $c->save_user_in_session($user);
    }

    $c->NEXT::set_authenticated($user);
}

sub user {
    my $c = shift;

    if (@_) {
        return $c->_user(@_);
    }

    my $user = $c->_user;

    if ( $user and !Scalar::Util::blessed($user) ) {
#		return 1 if have_want() && Want::want("BOOL");
        return $c->auth_restore_user($user);
    }

    return $user;
}

sub save_user_in_session {
    my ( $c, $user ) = @_;

    my $store = $user->store || ref $user;
    $c->session->{__user_store} = $c->get_auth_store_name($store) || $store;
    $c->session->{__user} = $user->for_session;
}

sub logout {
    my $c = shift;

    $c->user(undef);

    if (    $c->isa("Catalyst::Plugin::Session")
        and $c->config->{authentication}{use_session} )
    {
        delete @{ $c->session }{qw/__user __user_store/};
    }
}

sub get_user {
    my ( $c, $uid ) = @_;

    if ( my $store = $c->default_auth_store ) {
        return $store->get_user($uid);
    }
    else {
        Catalyst::Exception->throw(
                "The user id $uid was passed to an authentication "
              . "plugin, but no default store was specified" );
    }
}

sub prepare {
    my $c = shift->NEXT::prepare(@_);

    if ( $c->isa("Catalyst::Plugin::Session")
        and !$c->user )
    {
        if ( $c->sessionid and my $frozen_user = $c->session->{__user} ) {
            $c->_user($frozen_user);
        }
    }

    return $c;
}

sub auth_restore_user {
    my ( $c, $frozen_user, $store_name ) = @_;

    return
      unless $c->isa("Catalyst::Plugin::Session")
      and $c->config->{authentication}{use_session}
      and $c->sessionid;

    $store_name  ||= $c->session->{__user_store};
    $frozen_user ||= $c->session->{__user};

    my $store = $c->get_auth_store($store_name);
    $c->_user( my $user = $store->from_session( $c, $frozen_user ) );

    return $user;

}

sub setup {
    my $c = shift;

    my $cfg = $c->config->{authentication} || {};

    %$cfg = (
        use_session => 1,
        %$cfg,
    );

    $c->register_auth_stores(
        default => $cfg->{store},
        %{ $cfg->{stores} || {} },
    );

    $c->NEXT::setup(@_);
}

sub get_auth_store {
    my ( $self, $name ) = @_;
    $self->auth_stores->{$name} || ( Class::Inspector->loaded($name) && $name );
}

sub get_auth_store_name {
    my ( $self, $store ) = @_;
    $self->auth_store_names->{$store};
}

sub register_auth_stores {
    my ( $self, %new ) = @_;

    foreach my $name ( keys %new ) {
        my $store = $new{$name} or next;
        $self->auth_stores->{$name}       = $store;
        $self->auth_store_names->{$store} = $name;
    }
}

sub auth_stores {
    my $self = shift;
    $self->_auth_stores(@_) || $self->_auth_stores( {} );
}

sub auth_store_names {
    my $self = shift;

    $self->_auth_store_names || do {
        tie my %hash, 'Tie::RefHash';
        $self->_auth_store_names( \%hash );
      }
}

sub default_auth_store {
    my $self = shift;

    if ( my $new = shift ) {
        $self->register_auth_stores( default => $new );
    }

    $self->get_auth_store("default");
}

__PACKAGE__;

__END__

=pod

=head1 NAME

Catalyst::Plugin::Authentication - Infrastructure plugin for the Catalyst
authentication framework.

=head1 SYNOPSIS

	use Catalyst qw/
		Authentication
		Authentication::Store::Foo
		Authentication::Credential::Password
	/;

=head1 DESCRIPTION

The authentication plugin is used by the various authentication and
authorization plugins in catalyst.

It defines the notion of a logged in user, and provides integration with the
L<Catalyst::Plugin::Session> plugin, 

=head1 METHODS

=over 4 

=item user

Returns the currently logged user or undef if there is none.

=item logout

Delete the currently logged in user from C<user> and the session.

=item get_user $uid

Delegate C<get_user> to the default store.

=back

=head1 METHODS FOR STORE MANAGEMENT

=over 4

=item default_auth_store

Return the store whose name is 'default'.

This is set to C<<$c->config->{authentication}{store}>> if that value exists,
or by using a Store plugin:

	use Catalyst qw/Authentication Authentication::Store::Minimal/;

Sets the default store to
L<Catalyst::Plugin::Authentication::Store::Minimal::Backend>.


=item get_auth_store $name

Return the store whose name is $name.

=item get_auth_store_name $store

Return the name of the store $store.

=item auth_stores

A hash keyed by name, with the stores registered in the app.

=item auth_store_names

A ref-hash keyed by store, which contains the names of the stores.

=item register_auth_stores %stores_by_name

Register stores into the application.

=back

=head1 INTERNAL METHODS

=over 4

=item set_authenticated $user

Marks a user as authenticated. Should be called from a
C<Catalyst::Plugin::Authentication::Credential> plugin after successful
authentication.

This involves setting C<user> and the internal data in C<session> if
L<Catalyst::Plugin::Session> is loaded.

=item auth_restore_user $user

Used to restore a user from the session, by C<user> only when it's actually
needed.

=item save_user_in_session $user

Used to save the user in a session.

=item prepare

Revives a user from the session object if there is one.

=item setup

Sets the default configuration parameters.

=item 

=back

=head1 CONFIGURATION

=over 4

=item use_session

Whether or not to store the user's logged in state in the session, if the
application is also using the L<Catalyst::Plugin::Authentication> plugin.

=back

=head1 SEE ALSO

L<Catalyst::Plugin::Authentication::Credential::Password>,
L<Catalyst::Plugin::Authentication::Store::Minimal>,
L<Catalyst::Plugin::Authorization::ACL>,
L<Catalyst::Plugin::Authorization::Roles>.

=head1 AUTHOR

Yuval Kogman, C<nothingmuch@woobling.org>

=head1 COPYRIGHT & LICNESE

        Copyright (c) 2005 the aforementioned authors. All rights
        reserved. This program is free software; you can redistribute
        it and/or modify it under the same terms as Perl itself.

=cut
Commit	Line	Data
06675d2e	1	#!/usr/bin/perl
	2
	3	package Catalyst::Plugin::Authentication;
	4
b003080b	5	use base qw/Class::Accessor::Fast Class::Data::Inheritable/;
06675d2e	6
b003080b	7	BEGIN {
7bb06c91	8	__PACKAGE__->mk_accessors(qw/_user/);
96777f3a	9	__PACKAGE__->mk_classdata($_) for qw/_auth_stores _auth_store_names/;
b003080b	10	}
06675d2e	11
	12	use strict;
	13	use warnings;
	14
96777f3a	15	use Tie::RefHash;
12dae309	16	use Class::Inspector;
96777f3a	17
e145babc	18	#BEGIN {
	19	# require constant;
	20	# constant->import(have_want => eval { require Want });
	21	#}
a1e5bd36	22
e09a839c	23	our $VERSION = "0.02";
c7c003d3	24
06675d2e	25	sub set_authenticated {
	26	my ( $c, $user ) = @_;
	27
	28	$c->user($user);
e300c5b6	29	$c->request->{user} = $user; # compatibility kludge
06675d2e	30
06675d2e	31	if ( $c->isa("Catalyst::Plugin::Session")
96777f3a	32	and $c->config->{authentication}{use_session}
12dae309	33	and $user->supports("session") )
06675d2e	34	{
12dae309	35	$c->save_user_in_session($user);
06675d2e	36	}
55395841	37
4fbe2e14	38	$c->NEXT::set_authenticated($user);
06675d2e	39	}
06675d2e	40
7bb06c91	41	sub user {
e300c5b6	42	my $c = shift;
7bb06c91	43
e300c5b6	44	if (@_) {
	45	return $c->_user(@_);
	46	}
7bb06c91	47
e300c5b6	48	my $user = $c->_user;
7bb06c91	49
e300c5b6	50	if ( $user and !Scalar::Util::blessed($user) ) {
cde43a59	51	# return 1 if have_want() && Want::want("BOOL");
e300c5b6	52	return $c->auth_restore_user($user);
e300c5b6	53	}
7bb06c91	54
e300c5b6	55	return $user;
7bb06c91	56	}
7bb06c91	57
12dae309	58	sub save_user_in_session {
e300c5b6	59	my ( $c, $user ) = @_;
12dae309	60
	61	my $store = $user->store \|\| ref $user;
	62	$c->session->{__user_store} = $c->get_auth_store_name($store) \|\| $store;
	63	$c->session->{__user} = $user->for_session;
	64	}
	65
06675d2e	66	sub logout {
	67	my $c = shift;
	68
	69	$c->user(undef);
b003080b	70
	71	if ( $c->isa("Catalyst::Plugin::Session")
	72	and $c->config->{authentication}{use_session} )
	73	{
96777f3a	74	delete @{ $c->session }{qw/__user __user_store/};
b003080b	75	}
06675d2e	76	}
06675d2e	77
7d0922d8	78	sub get_user {
	79	my ( $c, $uid ) = @_;
	80
	81	if ( my $store = $c->default_auth_store ) {
	82	return $store->get_user($uid);
	83	}
	84	else {
	85	Catalyst::Exception->throw(
	86	"The user id $uid was passed to an authentication "
	87	. "plugin, but no default store was specified" );
	88	}
	89	}
	90
06675d2e	91	sub prepare {
	92	my $c = shift->NEXT::prepare(@_);
	93
4fbe2e14	94	if ( $c->isa("Catalyst::Plugin::Session")
06675d2e	95	and !$c->user )
06675d2e	96	{
7bb06c91	97	if ( $c->sessionid and my $frozen_user = $c->session->{__user} ) {
e300c5b6	98	$c->_user($frozen_user);
06675d2e	99	}
	100	}
	101
	102	return $c;
	103	}
	104
7bb06c91	105	sub auth_restore_user {
e300c5b6	106	my ( $c, $frozen_user, $store_name ) = @_;
7bb06c91	107
4fbe2e14	108	return
cde43a59	109	unless $c->isa("Catalyst::Plugin::Session")
4fbe2e14	110	and $c->config->{authentication}{use_session}
4fbe2e14	111	and $c->sessionid;
4402d92d	112
e300c5b6	113	$store_name \|\|= $c->session->{__user_store};
e300c5b6	114	$frozen_user \|\|= $c->session->{__user};
7bb06c91	115
e300c5b6	116	my $store = $c->get_auth_store($store_name);
e300c5b6	117	$c->_user( my $user = $store->from_session( $c, $frozen_user ) );
7bb06c91	118
e300c5b6	119	return $user;
7bb06c91	120
	121	}
	122
06675d2e	123	sub setup {
	124	my $c = shift;
	125
712a35bf	126	my $cfg = $c->config->{authentication} \|\| {};
06675d2e	127
	128	%$cfg = (
	129	use_session => 1,
	130	%$cfg,
	131	);
b003080b	132
12dae309	133	$c->register_auth_stores(
	134	default => $cfg->{store},
	135	%{ $cfg->{stores} \|\| {} },
	136	);
96777f3a	137
b003080b	138	$c->NEXT::setup(@_);
06675d2e	139	}
06675d2e	140
96777f3a	141	sub get_auth_store {
12dae309	142	my ( $self, $name ) = @_;
12dae309	143	$self->auth_stores->{$name} \|\| ( Class::Inspector->loaded($name) && $name );
96777f3a	144	}
	145
	146	sub get_auth_store_name {
12dae309	147	my ( $self, $store ) = @_;
12dae309	148	$self->auth_store_names->{$store};
96777f3a	149	}
	150
	151	sub register_auth_stores {
12dae309	152	my ( $self, %new ) = @_;
96777f3a	153
12dae309	154	foreach my $name ( keys %new ) {
	155	my $store = $new{$name} or next;
	156	$self->auth_stores->{$name} = $store;
	157	$self->auth_store_names->{$store} = $name;
	158	}
96777f3a	159	}
	160
	161	sub auth_stores {
12dae309	162	my $self = shift;
12dae309	163	$self->_auth_stores(@_) \|\| $self->_auth_stores( {} );
96777f3a	164	}
	165
	166	sub auth_store_names {
12dae309	167	my $self = shift;
96777f3a	168
4402d92d	169	$self->_auth_store_names \|\| do {
12dae309	170	tie my %hash, 'Tie::RefHash';
12dae309	171	$self->_auth_store_names( \%hash );
4fbe2e14	172	}
96777f3a	173	}
	174
	175	sub default_auth_store {
12dae309	176	my $self = shift;
96777f3a	177
12dae309	178	if ( my $new = shift ) {
	179	$self->register_auth_stores( default => $new );
	180	}
96777f3a	181
12dae309	182	$self->get_auth_store("default");
96777f3a	183	}
96777f3a	184
06675d2e	185	__PACKAGE__;
	186
	187	__END__
	188
	189	=pod
	190
	191	=head1 NAME
	192
55395841	193	Catalyst::Plugin::Authentication - Infrastructure plugin for the Catalyst
55395841	194	authentication framework.
06675d2e	195
	196	=head1 SYNOPSIS
	197
	198	use Catalyst qw/
	199	Authentication
	200	Authentication::Store::Foo
	201	Authentication::Credential::Password
	202	/;
	203
	204	=head1 DESCRIPTION
	205
	206	The authentication plugin is used by the various authentication and
	207	authorization plugins in catalyst.
	208
55395841	209	It defines the notion of a logged in user, and provides integration with the
55395841	210	L<Catalyst::Plugin::Session> plugin,
06675d2e	211
	212	=head1 METHODS
	213
	214	=over 4
	215
06675d2e	216	=item user
	217
	218	Returns the currently logged user or undef if there is none.
	219
4402d92d	220	=item logout
	221
	222	Delete the currently logged in user from C<user> and the session.
	223
7d0922d8	224	=item get_user $uid
	225
	226	Delegate C<get_user> to the default store.
	227
4fbe2e14	228	=back
	229
	230	=head1 METHODS FOR STORE MANAGEMENT
	231
fe4cf44a	232	=over 4
fe4cf44a	233
7d0922d8	234	=item default_auth_store
7d0922d8	235
4fbe2e14	236	Return the store whose name is 'default'.
7d0922d8	237
4fbe2e14	238	This is set to C<<$c->config->{authentication}{store}>> if that value exists,
	239	or by using a Store plugin:
	240
	241	use Catalyst qw/Authentication Authentication::Store::Minimal/;
	242
	243	Sets the default store to
	244	L<Catalyst::Plugin::Authentication::Store::Minimal::Backend>.
	245
a1e5bd36	246
4fbe2e14	247	=item get_auth_store $name
	248
	249	Return the store whose name is $name.
	250
	251	=item get_auth_store_name $store
	252
	253	Return the name of the store $store.
	254
	255	=item auth_stores
	256
	257	A hash keyed by name, with the stores registered in the app.
	258
	259	=item auth_store_names
	260
	261	A ref-hash keyed by store, which contains the names of the stores.
	262
	263	=item register_auth_stores %stores_by_name
	264
	265	Register stores into the application.
06675d2e	266
fe4cf44a	267	=back
fe4cf44a	268
06675d2e	269	=head1 INTERNAL METHODS
	270
	271	=over 4
	272
	273	=item set_authenticated $user
	274
	275	Marks a user as authenticated. Should be called from a
	276	C<Catalyst::Plugin::Authentication::Credential> plugin after successful
	277	authentication.
	278
	279	This involves setting C<user> and the internal data in C<session> if
	280	L<Catalyst::Plugin::Session> is loaded.
	281
e300c5b6	282	=item auth_restore_user $user
	283
	284	Used to restore a user from the session, by C<user> only when it's actually
	285	needed.
	286
	287	=item save_user_in_session $user
	288
	289	Used to save the user in a session.
	290
06675d2e	291	=item prepare
	292
	293	Revives a user from the session object if there is one.
	294
	295	=item setup
	296
	297	Sets the default configuration parameters.
	298
	299	=item
	300
	301	=back
	302
	303	=head1 CONFIGURATION
	304
	305	=over 4
	306
	307	=item use_session
	308
	309	Whether or not to store the user's logged in state in the session, if the
	310	application is also using the L<Catalyst::Plugin::Authentication> plugin.
	311
	312	=back
	313
fbe577ac	314	=head1 SEE ALSO
	315
	316	L<Catalyst::Plugin::Authentication::Credential::Password>,
	317	L<Catalyst::Plugin::Authentication::Store::Minimal>,
	318	L<Catalyst::Plugin::Authorization::ACL>,
	319	L<Catalyst::Plugin::Authorization::Roles>.
	320
	321	=head1 AUTHOR
	322
	323	Yuval Kogman, C<nothingmuch@woobling.org>
06675d2e	324
fbe577ac	325	=head1 COPYRIGHT & LICNESE
	326
	327	Copyright (c) 2005 the aforementioned authors. All rights
	328	reserved. This program is free software; you can redistribute
	329	it and/or modify it under the same terms as Perl itself.
	330
	331	=cut
06675d2e	332