view release on metacpan or  search on metacpan

lib/CGI/Application/Plugin/Authentication.pm  view on Meta::CPAN

         [ 'Generic', sub { my ($u, $p) = @_; is_prime($p) ? 1 : 0 } ]
     ],

  - or -

     DRIVER => [ 'Authen::Simple::LDAP',
         host   => 'ldap.company.com',
         basedn => 'ou=People,dc=company,dc=net'
     ],


=item STORE

Here you can choose how we store the authenticated information after a user has successfully 
logged in.  We need to store the username so that on the next request we can tell the user
has already logged in, and we do not have to present them with another login form.  If you
do not provide the STORE option, then the plugin will look to see if you are using the
L<CGI::Application::Plugin::Session> module and based on that info use either the Session
module, or fall back on the Cookie module.  If the module requires extra parameters, you
can pass an array reference that contains as the first parameter the name of the module,
and the rest of the array should contain key value pairs of options for this module.
These storage modules generally live under the CGI::Application::Plugin::Authentication::Store::
name-space, and this part of the package name can be left off when specifying the STORE
parameter.

    STORE => 'Session'

  - or -

    STORE => ['Cookie',
        NAME   => 'MYAuthCookie',
        SECRET => 'FortyTwo',
        EXPIRY => '1d',
    ]


=item POST_LOGIN_RUNMODE

Here you can specify a runmode that the user will be redirected to if they successfully login.

  POST_LOGIN_RUNMODE => 'welcome'

=item POST_LOGIN_URL

Here you can specify a URL that the user will be redirected to if they successfully login.
If both POST_LOGIN_URL and POST_LOGIN_RUNMODE are specified, then the latter
will take precedence.

  POST_LOGIN_URL => 'http://example.com/start.cgi'

=item POST_LOGIN_CALLBACK

A code reference that is executed after login processing but before POST_LOGIN_RUNMODE or
redirecting to POST_LOGIN_URL. This is normally a method in your CGI::Application application
and as such the CGI::Application object is passed as a parameter. 

  POST_LOGIN_CALLBACK => \&update_login_date

and later in your code:

  sub update_login_date {
    my $self = shift;

    return unless($self->authen->is_authenticated);

    ...
  }


=item LOGIN_RUNMODE

Here you can specify a runmode that the user will be redirected to if they need to login.

  LOGIN_RUNMODE => 'login'

=item LOGIN_URL

If your login page is external to this module, then you can use this option to specify a
URL that the user will be redirected to when they need to login. If both
LOGIN_URL and LOGIN_RUNMODE are specified, then the latter will take precedence.

  LOGIN_URL => 'http://example.com/login.cgi'

=item LOGOUT_RUNMODE

Here you can specify a runmode that the user will be redirected to if they ask to logout.

  LOGOUT_RUNMODE => 'logout'

=item LOGOUT_URL

If your logout page is external to this module, then you can use this option to specify a
URL that the user will be redirected to when they ask to logout.  If both
LOGOUT_URL and LOGOUT_RUNMODE are specified, then the latter will take precedence.

  LOGIN_URL => 'http://example.com/logout.html'

=item DETAINT_URL_REGEXP

This is a regular expression used to detaint URLs used in the login form. By default it will be set to

  ^([\w\_\%\?\&\;\-\/\@\.\+\$\=\#\:\!\*\"\'\(\)\,]+)$

This regular expression is based upon the document http://www.w3.org/Addressing/URL/url-spec.txt. You could 
set it to a more specific regular expression to limit the domains to which users could be directed.

=item DETAINT_USERNAME_REGEXP

This is a regular expression used to detaint the username parameter used in the login form. By default it will be set to

  ^([\w\_]+)$

=item CREDENTIALS

Set this to the list of form fields where the user will type in their username and password.
By default this is set to ['authen_username', 'authen_password'].  The form field names should
be set to a value that you are not likely to use in any other forms.  This is important
because this plugin will automatically look for query parameters that match these values on
every request to see if a user is trying to log in.  So if you use the same parameter names
on a user management page, you may inadvertently perform a login when that was not intended.
Most of the Driver modules will return the first CREDENTIAL as the username, so make sure