Authen-U2F
1 match

 view release on metacpan or  search on metacpan

examples/demoserver/demoserver.psgi  view on Meta::CPAN 

#!/usr/bin/env plackup

use warnings;
use strict;

use Plack::Request;
use Plack::Builder;
use Plack::App::File;
use Authen::U2F qw(u2f_challenge u2f_registration_verify u2f_signature_verify);
use Template;
use JSON;

my $t = Template->new;

# base app. finds a template file, includes the session and any current u2f
# vars in the stash and expands the template
my $base_app = sub {
  my ($env) = @_;
  my $req = Plack::Request->new($env);
  my $session = $req->session;

  my $path = $req->request_uri;
  my ($file) = $path eq '/' ? ('index') : $path =~ m{^/(\w+)$};
  return $req->new_response(404)->finalize unless $file && -r "$file.html.tt2";

  my $template = do { local (@ARGV, $/) = ("$file.html.tt2"); <> };
  my $u2f = defined $env->{u2f} ? $env->{u2f} : {};
  $t->process(\$template, {
    %$session,
    u2f => $u2f,
  }, \my $output) || die $t->error;

  my $res = $req->new_response(200);
  $res->headers([ 'Content-type' => 'text/html' ]);
  $res->body($output);
  return $res->finalize;
};

# signup. on GET, just goes through to the base app to display the signup page.
# on POST, inserts the passed username into the session, which we use as our "I
# am logged in indicator
my $signup_app = sub {
  my ($env) = @_;
  my $req = Plack::Request->new($env);
  my $session = $req->session;

  return $base_app->($env) unless $req->method eq 'POST';

  my $params = $req->parameters;
  $session->{$_} = $params->{$_} for keys %$params;
  my $res = $req->new_response;
  $res->redirect('/', 302);
  return $res->finalize;
};

# logout handler. deletes the username in the session, and then returns to the
# root
my $logout_app = sub {
  my ($env) = @_;
  my $req = Plack::Request->new($env);
  my $session = $req->session;

  delete $session->{username};

  my $res = $req->new_response;
  $res->redirect('/', 302);
  return $res->finalize;
};

# register screen. prepares a registration challenge and then goes to the base
# handler, which will build the page from the register template, which has some
# javascript in it to interact with the U2F device
my $register_app = sub {
  my ($env) = @_;
  my $req = Plack::Request->new($env);
  my $session = $req->session;

  my $app_id = 'https://'.$req->uri->host;

  $session->{challenge} = u2f_challenge;

  my $register_request = {
    appId => $app_id,
    registerRequest => {



( run in 0.719 second using v1.01-cache-2.11-cpan-ceb78f64989 )