[Catalyst] How to do pass-through login?

Thu Jul 9 14:57:25 GMT 2009

On Thu, Jul 9, 2009 at 5:03 AM, Gunnar Strand<gunnarstrand at yahoo.com> wrote:
>
> Hi,
>
> I am looking for a way to send users to the login screen if they are
> trying to access a restricted path, and if the login is valid, the
> original request should just continue like this:

A [rather long while ago] I rolled my own using the flash.
This happens to be the only way I use the flash in this app.

package MA:C:Root;

sub auto : Private {
  my ($self, $c ) = @_;

  # Exit early if going to a public path
  return 1 if( grep { $c->action->reverse eq $_; } qw/login index/ );

  if ( ! $c->user_exists ) {
        # Save a submission the user tried to do in the flash.
        # The {uri} will be redirected to after login.
        # The {params} will be mapped in during that request.
        if ( scalar keys % {$c->request->params} ) {
            $c->flash->{params} = $c->request->params;
        }
        $c->flash->{uri} = $c->request->uri;
        $c->response->redirect('/login');
        return 0; # stop processing
    }

    # Restore saved params
    if ( defined $c->flash->{params} and not scalar % {$c->request->params} ) {
        # A submission was saved after the user logged out or (more
likely) expired.
        # Populate the params with the saved values.
        $c->request->params( $c->flash->{params} );
    }

    return 1; #continue processing
}

sub login : Local {
    # Handle Auth ...
    # ...

        # Where to go now?
        if ( scalar keys % { $c->flash } ) {
            # The user has a saved action in the ->flash.
            # Redirect there instead and maintain any {params}
            # so they can be loaded next time.
            $c->response->redirect($c->flash->{uri});
            $c->keep_flash(qw/params/);
        } else {
            $c->response->redirect('/');
        }
}

###

[kind?] Comments on it's ugliness/fitness would be appreciated.
$work is such that I rarely get time to revisit code after it "works"
and I did this possibly 2 years go :|

HTH,
-- 
Nate Nuss

>
> 1. myapp <- GET /member/only
> 2. myapp -> /login_form
> 3. myapp <- POST /login
> 4. myapp -> /member/only
>
> I guess this is what is called "pass-through login (and other actions)"
> in the Cookbook, but I can't understand the description:
>
> "Provide actions for these, but when they're required for something else
> fill e.g. a form variable __login and have a sub begin like so:"
>
>    sub begin : Private {
>      my ($self, $c) = @_;
>      foreach my $action (qw/login docommand foo bar whatever/) {
>        if ($c->req->params->{"__${action}"}) {
>          $c->forward($action);
>        }
>      }
>    }
>
>
> Where is the data from the original request stored? Is everything stored
> in the "__$action" key including any values in a form submission?
>
> An example on how pass-through works would be very helpful.
>
> I would have expected something like this (pseudo-code):
>
> In "begin" for /member/only:
> unless ( $c -> user_exists() ) {
>  $c -> delay_action();       # Saves state in Flash or Session
>  $c -> forward('/login_form');
> }
>
> In "login" after authentication:
> if ( $c -> restore_action() ) {
>  $c -> continue_action();
> }
>
> KR,
> Gunnar
>
>
>
>
>
>
>
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>