Ado
view release on metacpan or search on metacpan
lib/Ado/Plugin/Auth.pm view on Meta::CPAN
#in etc/plugins/auth.$mode.conf
{
#methods which will be displayed in the "Sign in" menu
auth_methods => ['ado', 'google'],
}
=head2 providers
A Hash reference with keys representing names of providers (same as
auth_methods) and values, containing the configurations for the specific
providers. This option will be merged with already defined providers by
L<Mojolicious::Plugin::OAuth2>. Add the rest of the needed configuration
options to auth.development.conf or auth.production.conf only because this is
highly sensitive and application specific information.
#Example for google:
google =>{
#client_id
key =>'123456654321abcd.apps.googleusercontent.com',
secret =>'Y0uRS3cretHEre',
scope=>'profile email',
info_url => 'https://www.googleapis.com/userinfo/v2/me',
},
=head2 routes
Currently defined routes are described in L</ROUTES>.
=head1 CONDITIONS
L<Ado::Plugin::Auth> provides the following conditions to be used by routes.
To find more about conditions read L<Mojolicious::Guides::Routing/Conditions>.
=head2 authenticated
Condition for routes used to check if a user is authenticated.
=cut
#TODO:?
#Additional parameters can be passed to specify the preferred
#authentication method to be preselected in the login form
#if condition redirects to C</login/:auth_method>.
=pod
# add the condition programatically
$app->routes->route('/ado-users/:action', over => {authenticated=>1});
$app->routes->route('/ado-users/:action',
over => [authenticated => 1, ingroup => 'admin']
);
#in etc/ado.$mode.conf or etc/plugins/foo.$mode.conf
routes => [
#...
{
route => '/ado-users/:action:id',
via => [qw(PUT DELETE)],
# only authenticated users can edit and delete users,
# and only if they are authorized to do so
over => [authenticated => 1, ingroup => 'admin'],
to =>'ado-users#edit'
}
],
=head2 ingroup
Checks if a user is in the given group. Returns true or false.
# in etc/plugins/routes.conf or etc/plugins/foo.conf
{
route => '/vest',
via => ['GET'],
to => 'vest#screen',
over => [authenticated => 1, ingroup => 'foo'],
}
# programatically
$app->routes->route('/ado-users/:action', over => {ingroup => 'foo'});
=head1 HELPERS
L<Ado::Plugin::Auth> provides the following helpers for use in
L<Ado::Control> methods and templates.
=head2 login_ado
Finds and logs in a user locally. Returns true on success, false otherwise.
=head2 login_google
Called via C</login/google>. Finds an existing user and logs it in via Google.
Creates a new user if it does not exist and logs it in via Google. The new
user can login via any supported OAuth2 provider as long as it has the same
email. The user can not login using Ado local authentication because he does
not know his password, which is randomly generated. Returns true on success,
false otherwise.
=head2 login_facebook
Called via C</login/facebook>. Finds an existing user and logs it in via
Facebook. Creates a new user if it does not exist and logs it in via Facebook.
The new user can login via any supported Oauth2 provider as long as it has the
same email. The user can not login using Ado local authentication because he
does not know his password, which is randomly generated. Returns true on
success, false otherwise.
=head1 HOOKS
Ado::Plugin::Auth emits the following hooks.
=head2 after_login
In your plugin you can define some functionality to be executed right after a
user has logged in. For example add some links to the adobar template,
available only to logged-in users. Only the controller C<$c> is passed to this
hook.
#example from Ado::Plugin::Admin
$app->hook(
after_login => sub {
push @{shift->session->{adobar_links} //= []},
{icon => 'dashboard', href => '/ado', text => 'Dashboard'};
( run in 0.533 second using v1.01-cache-2.11-cpan-5837b0d9d2c )