Mojolicious-Plugin-HttpBasicAuth
view release on metacpan or search on metacpan
NAME
Mojolicious::Plugin::HttpBasicAuth - Http-Basic-Authentication
implementation for Mojolicious
SYNOPSIS
# in your startup
$self->plugin(
'http_basic_auth', {
validate => sub {
my $c = shift;
my $loginname = shift;
my $password = shift;
my $realm = shift;
return 1 if($realm eq 'Evergreen Terrace' && $loginname eq 'Homer' && $password eq 'Marge');
return 0;
},
realm => 'Evergreen Terrace'
}
);
sub index {
my $self = shift;
return unless $self->basic_auth(\%options);
$self->render();
}
# or bridged
my $foo = $r->bridge('/bridge')->to(cb => sub {
my $self = shift;
# Authenticated
return unless $self->basic_auth({realm => 'Castle Bridge', validate => sub {return 1;}});
});
$foo->route('/bar')->to(controller => 'foo', action => 'bar');
DESCRIPTION
Mojolicious::Plugin::HttpBasicAuth is a implementation of the
Http-Basic-Authentication
OPTIONS
Mojolicious::Plugin::HttpBasicAuth supports the following options.
realm
$self->plugin('http_basic_auth', {realm => 'My Castle!'});
HTTP-Realm, defaults to 'WWW'
validate
$self->plugin('http_basic_auth', {
validate => sub {
my $c = shift;
my $loginname = shift;
my $password = shift;
my $realm = shift;
return 1 if($realm eq 'Springfield' && $loginname eq 'Homer' && $password eq 'Marge');
return 0;
}
});
Validation callback to verify user. This option is mandatory.
All default options can be overwritten in every call.
METHODS
Mojolicious::Plugin::HttpBasicAuth inherits all methods from
Mojolicious::Plugin and implements the following new ones.
register
my $route = $plugin->register(Mojolicious->new);
my $route = $plugin->register(Mojolicious->new, {realm => 'Fort Knox', validate => sub {
return 0;
}});
Register renderer and helper in Mojolicious application.
SEE ALSO
Mojolicious, Mojolicious::Guides, http://mojolicio.us.
AUTHOR
lib/Mojolicious/Plugin/HttpBasicAuth.pm view on Meta::CPAN
our $VERSION = '0.12';
sub register {
my ($plugin, $app, $user_defaults) = @_;
push @{ $app->renderer->classes }, __PACKAGE__;
my %defaults = %$user_defaults;
$defaults{realm} //= 'WWW';
$defaults{validate} //= sub {
die('please define a validate callback');
};
$defaults{invalid} //= sub {
my $controller = shift;
return (
json => { json => { error => 'HTTP 401: Unauthorized' } },
html => { template => 'auth/basic' },
any => { data => 'HTTP 401: Unauthorized' }
);
};
lib/Mojolicious/Plugin/HttpBasicAuth.pm view on Meta::CPAN
my $params = shift // {};
my %options = (%defaults, %$params);
# Sent credentials
my $auth = b64_decode($plugin->_auth_header($controller) || '');
# No credentials entered
return $plugin->_unauthorized($controller, $options{realm}, $options{invalid}) unless ($auth);
# Verification within callback
return 1 if $options{validate} and $options{validate}->($controller, split(/:/, $auth, 2), $options{realm});
# Not verified
return $plugin->_unauthorized($controller, $options{realm}, $options{invalid});
}
);
}
sub _auth_header {
my $plugin = shift;
my $controller = shift;
lib/Mojolicious/Plugin/HttpBasicAuth.pm view on Meta::CPAN
=head1 NAME
Mojolicious::Plugin::HttpBasicAuth - Http-Basic-Authentication implementation for Mojolicious
=head1 SYNOPSIS
# in your startup
$self->plugin(
'http_basic_auth', {
validate => sub {
my $c = shift;
my $loginname = shift;
my $password = shift;
my $realm = shift;
return 1 if($realm eq 'Evergreen Terrace' && $loginname eq 'Homer' && $password eq 'Marge');
return 0;
},
realm => 'Evergreen Terrace'
}
);
lib/Mojolicious/Plugin/HttpBasicAuth.pm view on Meta::CPAN
sub index {
my $self = shift;
return unless $self->basic_auth(\%options);
$self->render();
}
# or bridged
my $foo = $r->bridge('/bridge')->to(cb => sub {
my $self = shift;
# Authenticated
return unless $self->basic_auth({realm => 'Castle Bridge', validate => sub {return 1;}});
});
$foo->route('/bar')->to(controller => 'foo', action => 'bar');
=head1 DESCRIPTION
L<Mojolicious::Plugin::HttpBasicAuth> is a implementation of the Http-Basic-Authentication
=head1 OPTIONS
L<Mojolicious::Plugin::HttpBasicAuth> supports the following options.
=head2 realm
$self->plugin('http_basic_auth', {realm => 'My Castle!'});
HTTP-Realm, defaults to 'WWW'
=head2 validate
$self->plugin('http_basic_auth', {
validate => sub {
my $c = shift;
my $loginname = shift;
my $password = shift;
my $realm = shift;
return 1 if($realm eq 'Springfield' && $loginname eq 'Homer' && $password eq 'Marge');
return 0;
}
});
Validation callback to verify user. This option is B<mandatory>.
lib/Mojolicious/Plugin/HttpBasicAuth.pm view on Meta::CPAN
All default options can be overwritten in every call.
=head1 METHODS
L<Mojolicious::Plugin::HttpBasicAuth> inherits all methods from
L<Mojolicious::Plugin> and implements the following new ones.
=head2 register
my $route = $plugin->register(Mojolicious->new);
my $route = $plugin->register(Mojolicious->new, {realm => 'Fort Knox', validate => sub {
return 0;
}});
Register renderer and helper in L<Mojolicious> application.
=head1 SEE ALSO
L<Mojolicious>, L<Mojolicious::Guides>, L<http://mojolicio.us>.
=head1 AUTHOR
use Mojo::Base -strict;
use Test::More;
use Mojolicious::Lite;
use Mojo::ByteStream 'b';
use Test::Mojo;
my $tested_realm;
my $custom_setting;
sub validate {
my $c = shift;
my $u = shift;
my $p = shift;
my $r = shift;
$tested_realm = $r;
return 1 if ($u eq 'foo' && $p eq 'bar');
return 0;
}
plugin 'http_basic_auth' => {
validate => \&validate
};
get '/' => sub {
my $c = shift;
return unless $c->basic_auth($custom_setting);
$c->render(text => 'Hello Mojo!');
};
get '/delayed' => sub {
my $c = shift;
name => 'default',
options => undef,
},
{
name => 'custom realm',
options => {
realm => 'FOO',
},
},
{
name => 'custom validate',
options => {
validate => \&validate,
},
},
{
name => 'custom invalid',
options => {
invalid => sub {
any => { data => 'Authorization Required' }
},
},
},
( run in 1.322 second using v1.01-cache-2.11-cpan-39bf76dae61 )