[Catalyst] How to use and maintain sessions in catalyst...please check out my code...

Yuval Kogman nothingmuch at woobling.org
Wed Jan 4 08:48:10 CET 2006 

On Wed, Jan 04, 2006 at 12:33:05 +0530, Vidya Sagar wrote:
> Hi all,
> 
> 
> This is how i have set seessions to usrid and password.....
> 
>         $c->session->{youser} = $c->req->params->{usrid};
>         $c->session->{youpass} = $c->req->params->{password};
>         my ($uusr) = TMS::Model::Emp->search({ usrid =>
> $c->session->{youser}, password => $c->session->{youpass} });
>                 if ($uusr){
>                          $c->session->{gole}= $uusr->role;
>                 }

After you've verified the user once there's no need to keep the
password around - just save $c->session->{youser} (or whatever
$uuser->id is) and use it to retrieve later.

But there is really no need to do it this manually: the new
authentication framework does all this for you:

	glue on to your user storage (in this case a model)
	authenticate user based on login/password
	integrate with Catalyst::Plugin::Session

There is an introduction to Authentication here:

	http://catalyst.perl.org/calendar/2005/24

> I didnt maintain any roles table....I have just 3 columns in my
> emp........1.usrid 2.password 3.role(admin,user)
> And this is how i m retrieving session and using it for further
> programming.......

This can be done automatically, btw - the Authentication plugin will
retrieve stuff for you only as required.

Looking at the code though, that seems to be the part that creates a
new user, not retrieves a logged in user.

> Can i write the code in the above pattern to check the authentication and
> whether the user is admin or not.......waiting for the reply thanks in
> advance......

Yes... =)

What you should do is use TMS::Model as an authentication store (it
looks like Class::DBI or DBIx::Class, both of which are supported
using Catalyst::Plugin::Authentication::Store::DBIC).

Then you can use Catalyst::Plugin::Authorization::Roles, and simply
make the ->roles method return the ->role column as a one value
list.

This advent calendar entry is an introduction to authorization:

	http://catalyst.perl.org/calendar/2005/24

and how it plugs in to an existing C::P::Authentication deployment

-- 
 ()  Yuval Kogman <nothingmuch at woobling.org> 0xEBD27418  perl hacker &
 /\  kung foo master: /me sushi-spin-kicks : neeyah!!!!!!!!!!!!!!!!!!!!

More information about the Catalyst mailing list