[Catalyst] RFC: Authentication & Authorization Tutorial

Daniel McBrearty danielmcbrearty at gmail.com
Tue Apr 11 23:30:17 CEST 2006

Nice work Kennedy! I just started taking a look at this. Very helpful. A few

1. after being run through pod2html, some links are to non-existent (well,
for me) local files, where I guess they should be to the relevant CPAN page.

- in the Intro, for DBIx::Class::Manual
- in "Include Auth and Session Plugins", to Session::Store plugin

2. Really, this covers a lot more ground than just Auth/Auth. I actually
stopped and took a tour of DBIx (which is also new to me) before digging in
to this. (I'm actually wondering how I managed to write anything much
without these tools ... but anyhow ...) I think that could be reflected in
the title, or at least the first few paras ... something like :

"Along the way you'll find out (if you didn't already know) how to use the
SQLite db with the DBIx library for painless interactions with your catalyst
app. Also we'll show you the TTSite feature of Template Toolkit ... "
(another thing I was blind ignorant of - where does this stuff all come from

3. When I got the app to fire up, I didn't get the db queries ion debug at
first - I had teh env variable wrong. Is there an easier way of turning this
debug feature on? (lIke in the config file maybe ...?)

3 1/2. I didn't get the thing about trimming newlines in the TT comment -
why is that done?

4. from the perspective of a cat newb who has only worked throgh the
existing tutorial beforehand ... some discontinuties that come up going from
that to this ...

 - why are we now using tt2 extensions for our templates? does this mean
anything or is it just personal choice?
 - how does TT know that the path to templates is now root/src ? this had to
be explicitly set (in MyApp.pm IIRC) in the other tut.

5. is there any reason for seperate controllers for login, logout? why not
group them as actions under a single controller like user/login,
user/logout? (or is it just a matter of taste ...?)

6. (I'm down at the "Try out authentication" section now. this is starting
to look really neat.) There is a lot going on in the debug info now - the
session id's have magically started happening, and the looking up of the
user ... it would be quite cool to pull some of this apart here and look at
what is really happening. I guess a lot of this was also the case in the
other tut, but it was a bit too much and didn't really sink in at the time

7. the stuff about TT multiline comments in login.tt2 seemed a bit
irrelevant TBH - I changed the code their to be a TT "IF/ELSE/END" so that
you don't see the login form at all if you are already logged in, and felt a
small sense of achievement ...

8. I got to the part where you add the two login buttons, but now something
isn't flying right with me ... it seems that $c->user->roles is empty. Dunno
why ... it's late and I can't figure it right now. I checked teh database is
ok, the config file and teh modules ... all seems to be good. Will have to
look at it another day, maybe d/l the example code and see what that does
for me ...

it looks like a great tutorial, what's very good is that it hits exactly on
things that I need to do for my project. It also follows on very well from
the existing Manual::Tutorial, in that it seems to build on that stuff quite
well. If you would all put these things together and smooth over the seams a
bit, you'd basically have teh catalyst book ... or e-book or whatever ...

thanks a lot for this. it is pretty helpful


On 4/11/06, Yuval Kogman < nothingmuch at woobling.org> wrote:
> On Sun, Apr 09, 2006 at 00:06:27 -0400, hkclark at gmail.com wrote:
> > I split authentication and authorization into two different
> > phases/sections and added some more specific examples of
> > authorization, especially in the controller.  Again, it's intended
> > to be a learning tool more than a real-world example -- hopefully
> > the examples illustrate the concepts without getting into too much
> > complexity.
> You can also introduce the ACL plugin real quick, right before phase
> 5 if you think it's appropriate.
> --
>   Yuval Kogman < nothingmuch at woobling.org >
> http://nothingmuch.woobling.org  0xEBD27418
> _______________________________________________
> Catalyst mailing list
> Catalyst at lists.rawmode.org
> http://lists.rawmode.org/mailman/listinfo/catalyst

Daniel McBrearty
email : danielmcbrearty at gmail.com
www.engoi.com : the multi - language vocab trainer
BTW : 0873928131
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.rawmode.org/pipermail/catalyst/attachments/20060411/14080907/attachment-0001.htm 

More information about the Catalyst mailing list