[Catalyst] process a restored request
Matt S Trout
dbix-class at trout.me.uk
Fri Jan 11 18:27:46 GMT 2008
On Tue, Jan 08, 2008 at 02:58:17PM -0500, catalyst at jgb.ca wrote:
> Hi,
> in my application, if a client issues a request after say 30 minutes of
> inactivity, I want to answer his request only after successfull
> authentication.
>
> Ideally, I would simply serialize $c->request in the session, ask for
> authentication, then if successfull restore the stored request to $c and call
> $c->dispatch. But after playing around a bit, it appears not to be that
> simple (the context is stored in the request as '_context', the body seems
> fetched only on-demand, dispatch seems to need some prepare_* methods to be
> called).
>
> I searched the list and only found this proposition for a similar mechanism:
> http://lists.scsys.co.uk/pipermail/catalyst/2007-February/012256.html
>
> Am I missing an easier way of doiing this?
Yes.
Don't try and serialize $c->req, just dump any POST data back out into
hidden fields in the login form, don't change the URL, and have the login
form processed in a forward() from auto or similar rather than doing a
detach. This is how I handle "user needs to log in to continue" across the
board and it makes life much simpler.
i.e. something like
sub auto :Private {
my ($self, $c) = @_;
unless ($c->user_exists) {
unless ($c->forward('try_login')) {
$c->detach('show_login_form');
return 0;
}
}
return 1;
}
sub try_login :Private {
my ($self, $c) = @_;
my $b = $c->req->body_parameters;
return 0 unless $b->{__username};
return $c->authenticate({
username => $b->{__username}
password => $b->{__password}
});
}
--
Matt S Trout Need help with your Catalyst or DBIx::Class project?
Technical Director http://www.shadowcat.co.uk/catalyst/
Shadowcat Systems Ltd. Want a managed development or deployment platform?
http://chainsawblues.vox.com/ http://www.shadowcat.co.uk/servers/
More information about the Catalyst
mailing list