CGI-Application-Plugin-Authentication
view release on metacpan or search on metacpan
[ 'Generic', sub { my ($u, $p) = @_; is_prime($p) ? 1 : 0 } ]
],
- or -
DRIVER => [ 'Authen::Simple::LDAP',
host => 'ldap.company.com',
basedn => 'ou=People,dc=company,dc=net'
],
STORE
Here you can choose how we store the authenticated information after
a user has successfully logged in. We need to store the username so
that on the next request we can tell the user has already logged in,
and we do not have to present them with another login form. If you
do not provide the STORE option, then the plugin will look to see if
you are using the CGI::Application::Plugin::Session module and based
on that info use either the Session module, or fall back on the
Cookie module. If the module requires extra parameters, you can pass
an array reference that contains as the first parameter the name of
the module, and the rest of the array should contain key value pairs
of options for this module. These storage modules generally live
under the CGI::Application::Plugin::Authentication::Store::
name-space, and this part of the package name can be left off when
specifying the STORE parameter.
STORE => 'Session'
- or -
STORE => ['Cookie',
NAME => 'MYAuthCookie',
SECRET => 'FortyTwo',
EXPIRY => '1d',
]
POST_LOGIN_RUNMODE
Here you can specify a runmode that the user will be redirected to
if they successfully login.
POST_LOGIN_RUNMODE => 'welcome'
POST_LOGIN_URL
Here you can specify a URL that the user will be redirected to if
they successfully login. If both POST_LOGIN_URL and
POST_LOGIN_RUNMODE are specified, then the latter will take
precedence.
POST_LOGIN_URL => 'http://example.com/start.cgi'
POST_LOGIN_CALLBACK
A code reference that is executed after login processing but before
POST_LOGIN_RUNMODE or redirecting to POST_LOGIN_URL. This is
normally a method in your CGI::Application application and as such
the CGI::Application object is passed as a parameter.
POST_LOGIN_CALLBACK => \&update_login_date
and later in your code:
sub update_login_date {
my $self = shift;
return unless($self->authen->is_authenticated);
...
}
LOGIN_RUNMODE
Here you can specify a runmode that the user will be redirected to
if they need to login.
LOGIN_RUNMODE => 'login'
LOGIN_URL
If your login page is external to this module, then you can use this
option to specify a URL that the user will be redirected to when
they need to login. If both LOGIN_URL and LOGIN_RUNMODE are
specified, then the latter will take precedence.
LOGIN_URL => 'http://example.com/login.cgi'
LOGOUT_RUNMODE
Here you can specify a runmode that the user will be redirected to
if they ask to logout.
LOGOUT_RUNMODE => 'logout'
LOGOUT_URL
If your logout page is external to this module, then you can use
this option to specify a URL that the user will be redirected to
when they ask to logout. If both LOGOUT_URL and LOGOUT_RUNMODE are
specified, then the latter will take precedence.
LOGIN_URL => 'http://example.com/logout.html'
DETAINT_URL_REGEXP
This is a regular expression used to detaint URLs used in the login
form. By default it will be set to
^([\w\_\%\?\&\;\-\/\@\.\+\$\=\#\:\!\*\"\'\(\)\,]+)$
This regular expression is based upon the document
http://www.w3.org/Addressing/URL/url-spec.txt. You could set it to a
more specific regular expression to limit the domains to which users
could be directed.
DETAINT_USERNAME_REGEXP
This is a regular expression used to detaint the username parameter
used in the login form. By default it will be set to
^([\w\_]+)$
CREDENTIALS
Set this to the list of form fields where the user will type in
their username and password. By default this is set to
['authen_username', 'authen_password']. The form field names should
be set to a value that you are not likely to use in any other forms.
This is important because this plugin will automatically look for
query parameters that match these values on every request to see if
a user is trying to log in. So if you use the same parameter names
( run in 0.870 second using v1.01-cache-2.11-cpan-39bf76dae61 )