Dancer2-Plugin-Auth-HTTP-Basic-DWIW
view release on metacpan or search on metacpan
lib/Dancer2/Plugin/Auth/HTTP/Basic/DWIW.pm view on Meta::CPAN
my ($username, $password) = split(':', decode_base64($auth_string), 2);
$username || $password || die \401;
if(my $handler = $HANDLERS->{check_login}) {
if(ref($handler) eq 'CODE') {
my $check_result = eval { $handler->($username, $password); };
if($@) {
$dsl->error("Error while validating credentials: $@");
die \500;
}
if(!$check_result) {
die \401;
}
}
}
};
lib/Dancer2/Plugin/Auth/HTTP/Basic/DWIW.pm view on Meta::CPAN
my ( $user, $pass ) = http_basic_auth_login;
return $user;
};
1;
=head1 DESCRIPTION
This plugin gives you the option to use HTTP Basic authentication with Dancer2.
You can set a handler to check the supplied credentials. If you don't set a handler, every username/password combination will work.
=head1 CAUTION
Don't ever use HTTP Basic authentication over clear-text connections! Always use HTTPS!
The only case were using HTTP is ok is while developing an application. Don't use HTTP because you think it is ok in corporate networks or something alike, you can always have bad bad people in your network..
=head1 CONFIGURATION
=over 4
t/03-plugin_password_colon.t view on Meta::CPAN
use Dancer2;
use Dancer2::Plugin::Auth::HTTP::Basic::DWIW;
get '/' => http_basic_auth required => sub {
my ( $user, $password ) = http_basic_auth_login;
return $password;
};
}
# credentials are: test:foo:bar
my $test1 = Plack::Test->create( TestAppAnyUser->to_app );
my $res1 = $test1->request( GET '/' );
is( $res1->code, 401,
'[Any User, no Authorization header] Correct status code (401)' );
is(
$res1->header('WWW-Authenticate'),
'Basic realm="Please login"',
'[Any user, no Authorization header] Correct WWW-Authenticate header'
);
( run in 0.310 second using v1.01-cache-2.11-cpan-fd5d4e115d8 )