[scpubgit/stemmaweb.git] / lib / stemmaweb / Controller / Users.pm

package stemmaweb::Controller::Users;
use Moose;
use namespace::autoclean;

use Google::JWT;

use JSON::MaybeXS;
use JSON::WebToken;

use MIME::Base64;

BEGIN {extends 'CatalystX::Controller::Auth'; }
with 'Catalyst::TraitFor::Controller::reCAPTCHA';

=head1 NAME

stemmaweb::Controller::Users - Catalyst Controller

=head1 DESCRIPTION

The Users controller is based on L<CatalystX::Controller::Auth>, see
there for most of the functionality. Any localised parts are described
below.

This controller uses L<Catalyst::TraitFor::Controller::reCAPTCHA> to
create and check a reCaptcha form shown on the C<register> form to
help prevent spam signups.

=head1 METHODS

=cut

sub base :Chained('/') :PathPart('') :CaptureArgs(0)
{
        my ( $self, $c ) = @_;

        $self->next::method( $c );
}

=head2 index

The index action is not currently used.

=cut

sub index :Path :Args(0) {
    my ( $self, $c ) = @_;

    $c->response->body('Matched stemmaweb::Controller::Users in Users.');
}

=head2 login with openid

Logging in with openid/google requires two passes through the login
action, on the 2nd pass the C<openid-check> value is passed in when
the openid providing webserver links the user back to the stemmaweb
site. This adaptation to the C<login> action sets the realm we are
authenticating against to be C<openid> in this case.

=cut

before login => sub {
  my($self, $c) = @_;
  $c->req->param( realm => 'openid')
    if $c->req->param('openid-check');

  if ($c->req->params->{email} && $c->req->params->{id_token}) {
    $c->req->param( realm => 'google');
  }

  $c->stash->{google_client_id} = $c->config->{'Authentication::Credential::Google'}->{client_id};
};

=head2 register with recaptcha

This adapts the C<register> action to add the recaptcha HTML to the
page, and verify the recaptcha info entered is correct when the form
is submitted. If the recaptcha is not correct, we just redisplay the
form with an error message.

=cut

before register => sub {
    my ($self, $c) = @_;

    ## Puts HTML into stash in "recaptcha" key.
    $c->forward('captcha_get');

    ## When submitting, check recaptcha passes, else re-draw form
    if($c->req->method eq 'POST') {
        if(!$c->forward('captcha_check') || 0 ) {
            ## Need these two lines to detach, so end can draw the correct template again:
            my $form = $self->form_handler->new( active => [ $self->login_id_field, 'password', 'confirm_password' ] );
            $c->stash( template => $self->register_template, form => $form );

            $c->detach();
        }
    }
};

=head2 success

A stub page returned on login / registration success.

=cut

sub success :Local :Args(0) {
    my ( $self, $c ) = @_;

	$c->load_status_msgs;
    $c->stash->{template} = 'auth/success.tt';
}

=head2 post_logout

Return to the index page, not to the login page.

=cut

sub post_logout {
	my( $self, $c ) = @_;
	$c->response->redirect( $c->uri_for_action( '/index' ) );
	$c->detach;
}

=head1 AUTHOR

A clever guy

=head1 LICENSE

This library is free software. You can redistribute it and/or modify
it under the same terms as Perl itself.

=cut

__PACKAGE__->meta->make_immutable;

1;
Commit	Line	Data
19262e3d	1	package stemmaweb::Controller::Users;
	2	use Moose;
	3	use namespace::autoclean;
	4
85990daf	5	use Google::JWT;
	6
	7	use JSON::MaybeXS;
	8	use JSON::WebToken;
	9
	10	use MIME::Base64;
	11
19262e3d	12	BEGIN {extends 'CatalystX::Controller::Auth'; }
b74843e5	13	with 'Catalyst::TraitFor::Controller::reCAPTCHA';
19262e3d	14
	15	=head1 NAME
	16
	17	stemmaweb::Controller::Users - Catalyst Controller
	18
	19	=head1 DESCRIPTION
	20
b74843e5	21	The Users controller is based on L<CatalystX::Controller::Auth>, see
	22	there for most of the functionality. Any localised parts are described
	23	below.
	24
	25	This controller uses L<Catalyst::TraitFor::Controller::reCAPTCHA> to
	26	create and check a reCaptcha form shown on the C<register> form to
	27	help prevent spam signups.
19262e3d	28
	29	=head1 METHODS
	30
	31	=cut
	32
	33	sub base :Chained('/') :PathPart('') :CaptureArgs(0)
	34	{
	35	my ( $self, $c ) = @_;
1628e97a	36
19262e3d	37	$self->next::method( $c );
	38	}
	39
	40	=head2 index
	41
b74843e5	42	The index action is not currently used.
b74843e5	43
19262e3d	44	=cut
	45
	46	sub index :Path :Args(0) {
	47	my ( $self, $c ) = @_;
	48
	49	$c->response->body('Matched stemmaweb::Controller::Users in Users.');
	50	}
	51
b74843e5	52	=head2 login with openid
	53
	54	Logging in with openid/google requires two passes through the login
	55	action, on the 2nd pass the C<openid-check> value is passed in when
	56	the openid providing webserver links the user back to the stemmaweb
eb38afbc	57	site. This adaptation to the C<login> action sets the realm we are
b74843e5	58	authenticating against to be C<openid> in this case.
	59
	60	=cut
	61
b600c671	62	before login => sub {
	63	my($self, $c) = @_;
	64	$c->req->param( realm => 'openid')
	65	if $c->req->param('openid-check');
83ed6665	66
	67	if ($c->req->params->{email} && $c->req->params->{id_token}) {
	68	$c->req->param( realm => 'google');
	69	}
740a6e04	70
740a6e04	71	$c->stash->{google_client_id} = $c->config->{'Authentication::Credential::Google'}->{client_id};
b600c671	72	};
19262e3d	73
b74843e5	74	=head2 register with recaptcha
	75
	76	This adapts the C<register> action to add the recaptcha HTML to the
	77	page, and verify the recaptcha info entered is correct when the form
	78	is submitted. If the recaptcha is not correct, we just redisplay the
	79	form with an error message.
	80
	81	=cut
	82
	83	before register => sub {
	84	my ($self, $c) = @_;
	85
	86	## Puts HTML into stash in "recaptcha" key.
	87	$c->forward('captcha_get');
	88
	89	## When submitting, check recaptcha passes, else re-draw form
	90	if($c->req->method eq 'POST') {
85990daf	91	if(!$c->forward('captcha_check') \|\| 0 ) {
b74843e5	92	## Need these two lines to detach, so end can draw the correct template again:
	93	my $form = $self->form_handler->new( active => [ $self->login_id_field, 'password', 'confirm_password' ] );
	94	$c->stash( template => $self->register_template, form => $form );
	95
	96	$c->detach();
	97	}
	98	}
	99	};
	100
eb38afbc	101	=head2 success
	102
	103	A stub page returned on login / registration success.
	104
	105	=cut
	106
	107	sub success :Local :Args(0) {
	108	my ( $self, $c ) = @_;
	109
	110	$c->load_status_msgs;
	111	$c->stash->{template} = 'auth/success.tt';
	112	}
	113
	114	=head2 post_logout
	115
	116	Return to the index page, not to the login page.
	117
	118	=cut
	119
	120	sub post_logout {
	121	my( $self, $c ) = @_;
	122	$c->response->redirect( $c->uri_for_action( '/index' ) );
	123	$c->detach;
	124	}
	125
19262e3d	126	=head1 AUTHOR
	127
	128	A clever guy
	129
	130	=head1 LICENSE
	131
	132	This library is free software. You can redistribute it and/or modify
	133	it under the same terms as Perl itself.
	134
	135	=cut
	136
	137	__PACKAGE__->meta->make_immutable;
	138
	139	1;