[Catalyst] HTTP authentication with DBIx::Class

Dermot paikkos at gmail.com
Tue May 17 09:45:55 GMT 2016


We had a similar problem at $work. To get what we wanted we had to stop
using the HTTP plugin and do something like this (warning: hand-written,
un-tested code follows) in the Root controller.

my ( $username, $password ) = $c->request->headers->authorization_basic;
my $logged_in_user;
if ( defined $username && defined $password ) {
   some_method_in_users_that_concatenates_and_athenticates($username,
$password);
}

if ($logged_in_user) {
   $c->stash(user => $logged_in_user;
   ...
}
else {
  $c->response->header('WWW-Authenticate' => 'Basic realm="MyRealm");
  $c->response->content_type('text/plain');
  $c->response->status(401);
  $c->detach();
}


HTH,
Dermot

On 13 May 2016 at 16:32, Gerhard Jungwirth <gjungwirth at sipwise.com> wrote:

> Hi,
>
> I am using Catalyst::Authentication::Store::DBIx::Class and
> Catalyst::Authentication::Credential::HTTP with the following
> configuration:
>
>         my_realm => {
>             credential => {
>                 class => 'HTTP',
>                 type => 'basic',
>                 username_field => 'username',
>                 password_field => 'password',
>                 password_type => 'clear',
>             },
>             store => {
>                 class => 'DBIx::Class',
>                 user_model => 'DB::my_user_table',
>             },
>         },
>
> Which works great. The thing is: I want the user to authenticate in the
> form "username at domain:password" using HTTP Basic Authentication, where
> username and domain are checked against separate fields in my DBIx::Class
> table. (Ideally, domain is checked against a related table in my schema)
>
> Is that supported? If not, can it be added? If not, how do you suggest I
> implement that?
>
> Thanks and Cheers,
> Gerhard
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.scsys.co.uk/pipermail/catalyst/attachments/20160517/fd7748c4/attachment.htm>


More information about the Catalyst mailing list