[Catalyst] process a restored request

[Jonas Alves]

On Jan 11, 2008 6:27 PM, Matt S Trout <dbix-class at trout.me.uk> wrote:
> On Tue, Jan 08, 2008 at 02:58:17PM -0500, catalyst at jgb.ca wrote:
> > Hi,
> > in my application, if a client issues a request after say 30 minutes of
> > inactivity, I want to answer his request only after successfull
> > authentication.
> >
> > Ideally, I would simply serialize $c->request in the session, ask for
> > authentication, then if successfull restore the stored request to $c and call
> > $c->dispatch. But after playing around a bit, it appears not to be that
> > simple (the context is stored in the request as '_context', the body seems
> > fetched only on-demand, dispatch seems to need some prepare_* methods to be
> > called).
> >
> > I searched the list and only found this proposition for a similar mechanism:
> > http://lists.scsys.co.uk/pipermail/catalyst/2007-February/012256.html
> >
> > Am I missing an easier way of doiing this?
>
> Yes.
>
> Don't try and serialize $c->req, just dump any POST data back out into
> hidden fields in the login form, don't change the URL, and have the login
> form processed in a forward() from auto or similar rather than doing a
> detach. This is how I handle "user needs to log in to continue" across the
> board and it makes life much simpler.
>
> i.e. something like
>
> sub auto :Private {
>   my ($self, $c) = @_;
>   unless ($c->user_exists) {
>     unless ($c->forward('try_login')) {
>       $c->detach('show_login_form');
>       return 0;
>     }
>   }
>   return 1;
> }
>
> sub try_login :Private {
>   my ($self, $c) = @_;
>   my $b = $c->req->body_parameters;
>   return 0 unless $b->{__username};
>   return $c->authenticate({
>            username => $b->{__username}
>            password => $b->{__password}
>          });
> }
>

And how do you handle file uploads? Do you save them in the session?

-- 
Jonas