=head2 Force debug screen
You can force Catalyst to display the debug screen at the end of the request by
-placing a die() call in the _end action.
+placing a C<die()> call in the C<end> action.
+
+ sub end : Private {
+ my ( $self, $c ) = @_;
+ die "forced debug";
+ }
+
+If you're tired of removing and adding this all the time, you can add a
+condition in the C<end> action. For example:
+
+ sub end : Private {
+ my ( $self, $c ) = @_;
+ die "forced debug" if $c->req->params->{dump_info};
+ }
+
+Then just add to your query string C<"&dump_info=1">, or the like, to
+force debug output.
- __PACKAGE__->action(
- '!end' => sub {
- my ( $self, $c ) = @_;
- die "testing";
- }
- );
=head2 Disable statistics
=head2 Scaffolding
Scaffolding is very simple with Catalyst.
-Just use Catalyst::Model::CDBI::CRUD as baseclass.
- # lib/MyApp/Model/CDBI.pm
- package MyApp::Model::CDBI;
+The recommended way is to use Catalyst::Helper::Controller::Scaffold.
- use strict;
- use base 'Catalyst::Model::CDBI::CRUD';
+Just install this module, and to scaffold a Class::DBI Model class, do the following:
- __PACKAGE__->config(
- dsn => 'dbi:SQLite:/tmp/myapp.db',
- relationships => 1
- );
+./script/myapp_create controller <name> Scaffold <CDBI::Class>Scaffolding
- 1;
- # lib/MyApp.pm
- package MyApp;
- use Catalyst 'FormValidator';
- __PACKAGE__->config(
- name => 'My Application',
- root => '/home/joeuser/myapp/root'
- );
+=head2 File uploads
- __PACKAGE__->action(
- 'table' => sub {
- my ( $self, $c ) = @_;
- $c->form( optional => [ MyApp::Model::CDBI::Table->columns ] );
- $c->forward('MyApp::Model::CDBI::Table');
- }
- );
+=head3 Single file upload with Catalyst
- 1;
+To implement uploads in Catalyst, you need to have a HTML form similar to
+this:
-Modify the $c->form() parameters to match your needs, and don't forget to copy
-the templates. ;)
+ <form action="/upload" method="post" enctype="multipart/form-data">
+ <input type="hidden" name="form_submit" value="yes">
+ <input type="file" name="my_file">
+ <input type="submit" value="Send">
+ </form>
-=head2 Serving static files and CSS as text/css
+It's very important not to forget C<enctype="multipart/form-data"> in
+the form.
-If you want to serve static content (like images, txt or CSS) via Catalyst,
-then all you need is the plugin Catalyst::Plugin::Static as well as a small
-regex to set the MIME type for CSS to text/css.
+Catalyst Controller module 'upload' action:
- # lib/MyApp.pm
- package MyApp;
+ sub upload : Global {
+ my ($self, $c) = @_;
- use strict;
- use Catalyst qw/-Debug Static/;
-
- __PACKAGE__->action(
-
- '!default' => sub {
- my ( $self, $c ) = @_;
- $c->serve_static;
- },
-
- '/^.*\.css$/' => sub {
- my ( $self, $c ) = @_;
- $c->serve_static('text/css');
- },
- );
+ if ( $c->request->parameters->{form_submit} eq 'yes' ) {
-=head2 Uploads with Catalyst
+ if ( my $upload = $c->request->upload('my_file') ) {
-To implement uploads in Catalyst you need to have a HTML form similiar to
-this:
+ my $filename = $upload->filename;
+ my $target = "/tmp/upload/$filename";
+
+ unless ( $upload->link_to($target) || $upload->copy_to($target) ) {
+ die( "Failed to copy '$filename' to '$target': $!" );
+ }
+ }
+ }
+
+ $c->stash->{template} = 'file_upload.html';
+ }
+
+=head3 Multiple file upload with Catalyst
+
+Code for uploading multiple files from one form needs a few changes:
+
+The form should have this basic structure:
<form action="/upload" method="post" enctype="multipart/form-data">
<input type="hidden" name="form_submit" value="yes">
- <input type="file" name="my_file">
+ <input type="file" name="file1" size="50"><br>
+ <input type="file" name="file2" size="50"><br>
+ <input type="file" name="file3" size="50"><br>
<input type="submit" value="Send">
</form>
-It's very important not to forget enctype="multipart/form-data" in form,
-if it's not there, uploads just don't work.
+And in the controller:
-Catalyst Controller module 'upload' action:
+ sub upload : Local {
+ my ($self, $c) = @_;
- MyApp->action(
-
- 'upload' => sub {
- my ($self, $c) = @_;
- if ($c->req->parameters->{form_submit} eq 'yes') {
- my $filename = $c->req->parameters->{my_file};
- if ($filename) {
- my $fh = $c->req->uploads->{$filename}->{fh};
- open(NEW_FILE, ">/tmp/$filename") or die
- "Can't open file for writing: $!";
- while ($fh->read(my $buf, 32768)) {
- print NEW_FILE $buf;
- }
- close(NEW_FILE);
+ if ( $c->request->parameters->{form_submit} eq 'yes' ) {
+
+ for my $field ( $c->req->upload ) {
+
+ my $upload = $c->req->upload($field);
+ my $filename = $upload->filename;
+ my $target = "/tmp/upload/$filename";
+
+ unless ( $upload->link_to($target) || $upload->copy_to($target) ) {
+ die( "Failed to copy '$filename' to '$target': $!" );
}
}
- $c->stash->{template} = 'upload_form.tt';
- $c->forward('MyApp::V::View');
- },
+ }
+
+ $c->stash->{template} = 'file_upload.html';
+ }
+
+C<for my $field ($c-E<gt>req->upload)> loops automatically over all file
+input fields and gets input names. After that is basic file saving code,
+just like in single file upload.
+
+Notice: C<die>ing might not be what you want to do, when an error
+occurs, but it works as an example. A better idea would be to store
+error C<$!> in $c->stash->{error} and show a custom error template
+displaying this message.
+
+For more information about uploads and usable methods look at
+L<Catalyst::Request::Upload> and L<Catalyst::Request>.
+
+=head2 Authentication with Catalyst::Plugin::Authentication
+
+In this example, we'll use the
+L<Catalyst::Plugin::Authentication::Store::DBIC> store and the
+L<Catalyst::Plugin::Authentication::Credential::Password> credentials.
+
+In the lib/MyApp.pm package, we'll need to change the C<use Catalyst;>
+line to include the following modules:
+
+ use Catalyst qw/
+ ConfigLoader
+ Authentication
+ Authentication::Store::DBIC
+ Authentication::Credential::Password
+ Session
+ Session::Store::FastMmap
+ Session::State::Cookie
+ HTML::Widget
+ Static::Simple
+ /;
+
+The Session, Session::Store::* and Session::State::* modules listed above
+ensure that we stay logged-in across multiple page-views.
+
+In our MyApp.yml configuration file, we'll need to add:
+
+ authentication:
+ dbic:
+ user_class: MyApp::Model::DBIC::User
+ user_field: username
+ password_field: password
+ password_type: hashed
+ password_hash_type: SHA-1
+
+'user_class' is a DBIx::Class package for your users table.
+'user_field' tells which field (column) is used for username lookup.
+'password_field' is the password field in your table.
+The above settings for 'password_type' and 'password_hash_type' ensure that
+the password won't be stored in the database in clear text.
+
+In SQLite, the users table might be something like:
+
+ CREATE TABLE user (
+ id INTEGER PRIMARY KEY,
+ username VARCHAR(100),
+ password VARCHAR(100)
+ );
+
+Now we need to create a DBIC::SchemaLoader component for this database
+(changing "myapp.db" to wherever your SQLite database is).
+
+ script/myapp_create.pl model DBIC DBIC::SchemaLoader 'dbi:SQLite:myapp.db'
+
+Now we can start creating our page controllers and templates.
+For our homepage, we create the file "root/index.tt" containing:
+
+ <html>
+ <body>
+ [% IF c.user %]
+ <p>hello [% c.user.username %]</p>
+ <p><a href="[% c.uri_for( '/logout' ) %]">logout</a></p>
+ [% ELSE %]
+ <p><a href="[% c.uri_for( '/login' ) %]">login</a></p>
+ [% END %]
+ </body>
+ </html>
+
+If the user is logged in, they will be shown their name, and a logout link.
+Otherwise, they will be shown a login link.
+
+To display the homepage, we can uncomment the C<default> and C<end>
+subroutines in lib/MyApp/Controller/Root.pm and populate them as so:
+
+ sub default : Private {
+ my ( $self, $c ) = @_;
+
+ $c->stash->{template} = 'index.tt';
+ }
+
+ sub end : Private {
+ my ( $self, $c ) = @_;
+
+ $c->forward( $c->view('TT') )
+ unless $c->response->body || $c->response->redirect;
+ }
+
+The login template is very simple, as L<HTML::Widget> will handle the
+HTML form creation for use. This is saved as "root/login.tt".
+
+ <html>
+ <head>
+ <link href="[% c.uri_for('/static/simple.css') %]" rel="stylesheet" type="text/css">
+ </head>
+ <body>
+ [% result %]
+ </body>
+ </html>
+
+For the HTML form to look correct, we also copy the C<simple.css> file
+from the L<HTML::Widget> distribution into our "root/static" folder.
+This file is automatically server by the L<Catalyst::Plugin::Static::Simple>
+module which we loaded in our lib/MyApp.pm package.
+
+To handle login requests, we first create a controller, like so:
+
+ script/myapp_create.pl controller Login
+
+In the lib/MyApp/Controller/Login.pm package, we can then uncomment the
+C<default> subroutine, and populate it, as below.
+
+First the widget is created, it needs the 'action' set, and 'username' and
+'password' fields and a submit button added.
+
+Then, if we've received a username and password in the request, we attempt
+to login. If successful, we redirect to the homepage; if not the login form
+will be displayed again.
+
+ sub default : Private {
+ my ( $self, $c ) = @_;
+
+ $c->widget->method('POST')->action( $c->uri_for('/login') );
+ $c->widget->element( 'Textfield', 'username' )->label( 'Username' );
+ $c->widget->element( 'Password', 'password' )->label( 'Password' );
+ $c->widget->element( 'Submit' )->value( 'Login' );
+
+ my $result = $c->widget->process( $c->req );
+
+ if ( my $user = $result->param('username')
+ and my $pass = $result->param('password') )
+ {
+ if ( $c->login( $user, $pass ) ) {
+ $c->response->redirect( $c->uri_for( "/" ) );
+ return;
+ }
+ }
+
+ $c->stash->{template} = 'login.tt';
+ $c->stash->{result} = $result;
+ }
+
+To handle logout's, we create a new controller:
+
+ script/myapp_create.pl controller Logout
+
+Then in the lib/MyApp/Controller/Logout.pm package, we change the
+C<default> subroutine, to logout and then redirect back to the
+homepage.
+
+ sub default : Private {
+ my ( $self, $c ) = @_;
+
+ $c->logout;
+
+ $c->response->redirect( $c->uri_for( "/" ) );
+ }
+
+Remember that to test this, we would first need to add a user to the
+database, ensuring that the password field is saved as the SHA1 hash
+of our desired password.
+
+
+=head2 Pass-through login (and other actions)
+
+An easy way of having assorted actions that occur during the processing
+of a request that are orthogonal to its actual purpose - logins, silent
+commands etc. Provide actions for these, but when they're required for
+something else fill e.g. a form variable __login and have a sub begin
+like so:
+
+ sub begin : Private {
+ my ($self, $c) = @_;
+ foreach my $action (qw/login docommand foo bar whatever/) {
+ if ($c->req->params->{"__${action}"}) {
+ $c->forward($action);
+ }
+ }
+ }
+
+=head2 How to use Catalyst without mod_perl
+
+Catalyst applications give optimum performance when run under mod_perl.
+However sometimes mod_perl is not an option, and running under CGI is
+just too slow. There's also an alternative to mod_perl that gives
+reasonable performance named FastCGI.
+
+=head3 Using FastCGI
+
+To quote from L<http://www.fastcgi.com/>: "FastCGI is a language
+independent, scalable, extension to CGI that provides high performance
+without the limitations of specific server APIs." Web server support
+is provided for Apache in the form of C<mod_fastcgi> and there is Perl
+support in the C<FCGI> module. To convert a CGI Catalyst application
+to FastCGI one needs to initialize an C<FCGI::Request> object and loop
+while the C<Accept> method returns zero. The following code shows how
+it is done - and it also works as a normal, single-shot CGI script.
+
+ #!/usr/bin/perl
+ use strict;
+ use FCGI;
+ use MyApp;
+
+ my $request = FCGI::Request();
+ while ($request->Accept() >= 0) {
+ MyApp->run;
+ }
+
+Any initialization code should be included outside the request-accept
+loop.
+
+There is one little complication, which is that C<MyApp-E<gt>run> outputs a
+complete HTTP response including the status line (e.g.:
+"C<HTTP/1.1 200>").
+FastCGI just wants a set of headers, so the sample code captures the
+output and drops the first line if it is an HTTP status line (note:
+this may change).
+
+The Apache C<mod_fastcgi> module is provided by a number of Linux
+distro's and is straightforward to compile for most Unix-like systems.
+The module provides a FastCGI Process Manager, which manages FastCGI
+scripts. You configure your script as a FastCGI script with the
+following Apache configuration directives:
+
+ <Location /fcgi-bin>
+ AddHandler fastcgi-script fcgi
+ </Location>
+
+or:
+
+ <Location /fcgi-bin>
+ SetHandler fastcgi-script
+ Action fastcgi-script /path/to/fcgi-bin/fcgi-script
+ </Location>
+
+C<mod_fastcgi> provides a number of options for controlling the FastCGI
+scripts spawned; it also allows scripts to be run to handle the
+authentication, authorization, and access check phases.
+
+For more information see the FastCGI documentation, the C<FCGI> module
+and L<http://www.fastcgi.com/>.
+
+=head2 Serving static content
+
+Serving static content in Catalyst can be somewhat tricky; this recipe
+shows one possible solution. Using this recipe will serve all static
+content through Catalyst when developing with the built-in HTTP::Daemon
+server, and will make it easy to use Apache to serve the content when
+your app goes into production.
+
+Static content is best served from a single directory within your root
+directory. Having many different directories such as C<root/css> and
+C<root/images> requires more code to manage, because you must separately
+identify each static directory--if you decide to add a C<root/js>
+directory, you'll need to change your code to account for it. In
+contrast, keeping all static directories as subdirectories of a main
+C<root/static> directory makes things much easier to manager. Here's an
+example of a typical root directory structure:
+
+ root/
+ root/content.tt
+ root/controller/stuff.tt
+ root/header.tt
+ root/static/
+ root/static/css/main.css
+ root/static/images/logo.jpg
+ root/static/js/code.js
+
+
+All static content lives under C<root/static> with everything else being
+Template Toolkit files. Now you can identify the static content by
+matching C<static> from within Catalyst.
+
+=head3 Serving with HTTP::Daemon (myapp_server.pl)
+
+To serve these files under the standalone server, we first must load the
+Static plugin. Install L<Catalyst::Plugin::Static> if it's not already
+installed.
+
+In your main application class (MyApp.pm), load the plugin:
+
+ use Catalyst qw/-Debug FormValidator Static OtherPlugin/;
+
+You will also need to make sure your end method does I<not> forward
+static content to the view, perhaps like this:
+
+ sub end : Private {
+ my ( $self, $c ) = @_;
+
+ $c->forward( 'MyApp::V::TT' )
+ unless ( $c->res->body || !$c->stash->{template} );
+ }
+
+This code will only forward to the view if a template has been
+previously defined by a controller and if there is not already data in
+C<$c-E<gt>res-E<gt>body>.
+
+Next, create a controller to handle requests for the /static path. Use
+the Helper to save time. This command will create a stub controller as
+C<lib/MyApp/C/Static.pm>.
+
+ $ script/myapp_create.pl controller Static
+
+Edit the file and add the following methods:
+
+ # serve all files under /static as static files
+ sub default : Path('/static') {
+ my ( $self, $c ) = @_;
+
+ # Optional, allow the browser to cache the content
+ $c->res->headers->header( 'Cache-Control' => 'max-age=86400' );
+
+ $c->serve_static; # from Catalyst::Plugin::Static
+ }
+
+ # also handle requests for /favicon.ico
+ sub favicon : Path('/favicon.ico') {
+ my ( $self, $c ) = @_;
+
+ $c->serve_static;
+ }
+
+You can also define a different icon for the browser to use instead of
+favicon.ico by using this in your HTML header:
+
+ <link rel="icon" href="/static/myapp.ico" type="image/x-icon" />
+
+=head3 Common problems
+
+The Static plugin makes use of the C<shared-mime-info> package to
+automatically determine MIME types. This package is notoriously
+difficult to install, especially on win32 and OS X. For OS X the easiest
+path might be to install Fink, then use C<apt-get install
+shared-mime-info>. Restart the server, and everything should be fine.
+
+Make sure you are using the latest version (>= 0.16) for best
+results. If you are having errors serving CSS files, or if they get
+served as text/plain instead of text/css, you may have an outdated
+shared-mime-info version. You may also wish to simply use the following
+code in your Static controller:
+
+ if ($c->req->path =~ /css$/i) {
+ $c->serve_static( "text/css" );
+ } else {
+ $c->serve_static;
+ }
+
+=head3 Serving with Apache
+
+When using Apache, you can completely bypass Catalyst and the Static
+controller by intercepting requests for the C<root/static> path at the
+server level. All that is required is to define a DocumentRoot and add a
+separate Location block for your static content. Here is a complete
+config for this application under mod_perl 1.x:
+
+ <Perl>
+ use lib qw(/var/www/MyApp/lib);
+ </Perl>
+ PerlModule MyApp
+
+ <VirtualHost *>
+ ServerName myapp.example.com
+ DocumentRoot /var/www/MyApp/root
+ <Location />
+ SetHandler perl-script
+ PerlHandler MyApp
+ </Location>
+ <LocationMatch "/(static|favicon.ico)">
+ SetHandler default-handler
+ </LocationMatch>
+ </VirtualHost>
+
+And here's a simpler example that'll get you started:
+
+ Alias /static/ "/my/static/files/"
+ <Location "/static">
+ SetHandler none
+ </Location>
+
+=head2 Forwarding with arguments
+
+Sometimes you want to pass along arguments when forwarding to another
+action. As of version 5.30, arguments can be passed in the call to
+C<forward>; in earlier versions, you can manually set the arguments in
+the Catalyst Request object:
+
+ # version 5.30 and later:
+ $c->forward('/wherever', [qw/arg1 arg2 arg3/]);
+
+ # pre-5.30
+ $c->req->args([qw/arg1 arg2 arg3/]);
+ $c->forward('/wherever');
+
+(See the L<Catalyst::Manual::Intro> Flow_Control section for more
+information on passing arguments via C<forward>.)
+
+=head2 Configure your application
+
+You configure your application with the C<config> method in your
+application class. This can be hard-coded, or brought in from a
+separate configuration file.
+
+=head3 Using YAML
+
+YAML is a method for creating flexible and readable configuration
+files. It's a great way to keep your Catalyst application configuration
+in one easy-to-understand location.
+
+In your application class (e.g. C<lib/MyApp.pm>):
+
+ use YAML;
+ # application setup
+ __PACKAGE__->config( YAML::LoadFile(__PACKAGE__->config->{'home'} . '/myapp.yml') );
+ __PACKAGE__->setup;
+
+Now create C<myapp.yml> in your application home:
+
+ --- #YAML:1.0
+ # DO NOT USE TABS FOR INDENTATION OR label/value SEPARATION!!!
+ name: MyApp
+
+ # session; perldoc Catalyst::Plugin::Session::FastMmap
+ session:
+ expires: '3600'
+ rewrite: '0'
+ storage: '/tmp/myapp.session'
+
+ # emails; perldoc Catalyst::Plugin::Email
+ # this passes options as an array :(
+ email:
+ - SMTP
+ - localhost
+
+This is equivalent to:
+
+ # configure base package
+ __PACKAGE__->config( name => MyApp );
+ # configure authentication
+ __PACKAGE__->config->{authentication} = {
+ user_class => 'MyApp::M::MyDB::Customer',
+ ...
+ };
+ # configure sessions
+ __PACKAGE__->config->{session} = {
+ expires => 3600,
+ ...
+ };
+ # configure email sending
+ __PACKAGE__->config->{email} = [qw/SMTP localhost/];
+
+See also L<YAML>.
+
+=head2 Using existing DBIC (etc.) classes with Catalyst
+
+Many people have existing Model classes that they would like to use with
+Catalyst (or, conversely, they want to write Catalyst models that can be
+used outside of Catalyst, e.g. in a cron job). It's trivial to write a
+simple component in Catalyst that slurps in an outside Model:
+
+ package MyApp::Model::DB;
+ use base qw/Catalyst::Model::DBIC::Schema/;
+ __PACKAGE__->config(
+ schema_class => 'Some::DBIC::Schema',
+ connect_info => ['dbi:SQLite:foo.db', '', '', {AutoCommit=>1}];
);
+ 1;
+
+and that's it! Now C<Some::DBIC::Schema> is part of your
+Cat app as C<MyApp::Model::DB>.
-If you want to upload bigger files than 1MB, then just add to your Controller
-module:
+=head2 Delivering a Custom Error Page
- $CGI::Simple::POST_MAX = 1048576000;
+By default, Catalyst will display its own error page whenever it
+encounters an error in your application. When running under C<-Debug>
+mode, the error page is a useful screen including the error message and
+L<Data::Dump> output of the relevant parts of the C<$c> context object.
+When not in C<-Debug>, users see a simple "Please come back later" screen.
+To use a custom error page, use a special C<end> method to short-circuit
+the error processing. The following is an example; you might want to
+adjust it further depending on the needs of your application (for
+example, any calls to C<fillform> will probably need to go into this
+C<end> method; see L<Catalyst::Plugin::FillInForm>).
-=head2 Easily working with datetime objects.
+ sub end : Private {
+ my ( $self, $c ) = @_;
-If you store datetime data in your tables, you can easily expand this column to
-a L<Time::Piece> object which lets you call useful methods like ymd, mon and
-datetime on it.
+ if ( scalar @{ $c->error } ) {
+ $c->stash->{errors} = $c->error;
+ $c->stash->{template} = 'errors.tt';
+ $c->forward('MyApp::View::TT');
+ $c->error(0);
+ }
+
+ return 1 if $c->response->status =~ /^3\d\d$/;
+ return 1 if $c->response->body;
+
+ unless ( $c->response->content_type ) {
+ $c->response->content_type('text/html; charset=utf-8');
+ }
+
+ $c->forward('MyApp::View::TT');
+ }
+
+You can manually set errors in your code to trigger this page by calling
+
+ $c->error( 'You broke me!' );
+
+=head2 Require user logins
+
+It's often useful to restrict access to your application to a set of
+registered users, forcing everyone else to the login page until they're
+signed in.
+
+To implement this in your application make sure you have a customer
+table with username and password fields and a corresponding Model class
+in your Catalyst application, then make the following changes:
+
+=head3 lib/MyApp.pm
+
+ use Catalyst qw/
+ Authentication
+ Authentication::Store::DBIC
+ Authentication::Credential::Password
+ /;
+
+ __PACKAGE__->config->{authentication}->{dbic} = {
+ 'user_class' => 'My::Model::DBIC::User',
+ 'user_field' => 'username',
+ 'password_field' => 'password'
+ 'password_type' => 'hashed',
+ 'password_hash_type'=> 'SHA-1'
+ };
+
+ sub auto : Private {
+ my ($self, $c) = @_;
+ my $login_path = 'user/login';
+
+ # allow people to actually reach the login page!
+ if ($c->request->path eq $login_path) {
+ return 1;
+ }
+
+ # if a user doesn't exist, force login
+ if ( !$c->user_exists ) {
+ # force the login screen to be shown
+ $c->response->redirect($c->request->base . $login_path);
+ }
+
+ # otherwise, we have a user - continue with the processing chain
+ return 1;
+ }
+
+=head3 lib/MyApp/C/User.pm
+
+ sub login : Path('/user/login') {
+ my ($self, $c) = @_;
+
+ # default template
+ $c->stash->{'template'} = "user/login.tt";
+ # default form message
+ $c->stash->{'message'} = 'Please enter your username and password';
+
+ if ( $c->request->param('username') ) {
+ # try to log the user in
+ # login() is provided by ::Authentication::Credential::Password
+ if( $c->login(
+ $c->request->param('username'),
+ $c->request->param('password'),
+ );
+
+ # if login() returns 1, user is now logged in
+ $c->response->redirect('/some/page');
+ }
-In order to set it up, add something like the following to your CDBI Model Class,
-if you are storing dates as ISO timestamps:
+ # otherwise we failed to login, try again!
+ $c->stash->{'message'} =
+ 'Unable to authenticate the login details supplied';
+ }
+ }
- __PACKAGE__->has_a(
- mycolumn => 'Time::Piece',
- inflate => sub { Time::Piece->strptime( shift, "%FT%H:%M:%S" ) },
- deflate => 'datetime'
- );
+ sub logout : Path('/user/logout') {
+ my ($self, $c) = @_;
+ # log the user out
+ $c->logout;
-or if you prefer to store dates in unix epoch time you can do something like this:
+ # do the 'default' action
+ $c->response->redirect($c->request->base);
+ }
- __PACKAGE__->has_a(
- mycolumn => 'Time::Piece',
- inflate => sub { Time::Piece->strptime( shift, "%s" ) },
- deflate => 'epoch'
- );
-If you want to use another format in the database, you can change the strptime call
-to fit your format, and use strftime to return it with your custom format to the
-database during deflate. See the L<Time::Piece> and L<Class::DBI> docs for more info.
+=head3 root/base/user/login.tt
+
+ [% INCLUDE header.tt %]
+ <form action="/user/login" method="POST" name="login_form">
+ [% message %]<br />
+ <label for="username">username:</label><br />
+ <input type="text" id="username" name="username" /><br />
+
+ <label for="password">password:</label><br />
+ <input type="password" id="password" name="password" /><br />
+
+ <input type="submit" value="log in" name="form_submit" />
+ </form>
+ [% INCLUDE footer.tt %]
+
+=head2 Role-based Authorization
+
+For more advanced access control, you may want to consider using role-based
+authorization. This means you can assign different roles to each user, e.g.
+"user", "admin", etc.
+
+The C<login> and C<logout> methods and view template are exactly the same as
+in the previous example.
+
+The L<Catalyst::Plugin::Authorization::Roles> plugin is required when
+implementing roles:
+
+ use Catalyst qw/
+ Authentication
+ Authentication::Credential::Password
+ Authentication::Store::Htpasswd
+ Authorization::Roles
+ /;
+
+Roles are implemented automatically when using
+L<Catalyst::Authentication::Store::Htpasswd>:
+
+ # no additional role configuration required
+ __PACKAGE__->config->{authentication}{htpasswd} = "passwdfile";
+
+Or can be set up manually when using L<Catalyst::Authentication::Store::DBIC>:
+
+ # Authorization using a many-to-many role relationship
+ __PACKAGE__->config->{authorization}{dbic} = {
+ 'role_class' => 'My::Model::DBIC::Role',
+ 'role_field' => 'name',
+ 'user_role_user_field' => 'user',
+
+ # DBIx::Class only (omit if using Class::DBI)
+ 'role_rel' => 'user_role',
+
+ # Class::DBI only, (omit if using DBIx::Class)
+ 'user_role_class' => 'My::Model::CDBI::UserRole'
+ 'user_role_role_field' => 'role',
+ };
+
+To restrict access to any action, you can use the C<check_user_roles> method:
+
+ sub restricted : Local {
+ my ( $self, $c ) = @_;
+
+ $c->detach("unauthorized")
+ unless $c->check_user_roles( "admin" );
+
+ # do something restricted here
+ }
+
+You can also use the C<assert_user_roles> method. This just gives an error if
+the current user does not have one of the required roles:
+
+ sub also_restricted : Global {
+ my ( $self, $c ) = @_;
+ $c->assert_user_roles( qw/ user admin / );
+ }
=head1 AUTHOR
Sebastian Riedel, C<sri@oook.de>
+Danijel Milicevic, C<me@danijel.de>
+Viljo Marrandi, C<vilts@yahoo.com>
+Marcus Ramberg, C<mramberg@cpan.org>
+Jesse Sheidlower, C<jester@panix.com>
+Andy Grundman, C<andy@hybridized.org>
+Chisel Wright, C<pause@herlpacker.co.uk>
+Will Hawes, C<info@whawes.co.uk>
+Gavin Henry, C<ghenry@cpan.org> (Spell checking)
+
=head1 COPYRIGHT
-This program is free software, you can redistribute it and/or modify it under
-the same terms as Perl itself.
+This program is free software, you can redistribute it and/or modify it
+under the same terms as Perl itself.
projects / catagits/Catalyst-Runtime.git / blobdiff