<div dir="ltr">I you mean trust &quot;user&quot;, then yes. Put a `if $c-&gt;user&#39; somewhere in your Root Controller - perhaps an auto action - and redirect if user is undef.<div><br></div><div>`user` is populated by Catalyst::Plugin::Authentication[1]</div><div><br></div><div><br></div><div>[1] <a href="http://search.cpan.org/~bobtfish/Catalyst-Plugin-Authentication-0.10023/lib/Catalyst/Plugin/Authentication.pm">http://search.cpan.org/~bobtfish/Catalyst-Plugin-Authentication-0.10023/lib/Catalyst/Plugin/Authentication.pm</a><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On 17 September 2017 at 14:49, Gavin Henry <span dir="ltr">&lt;<a href="mailto:gavin.henry@gmail.com" target="_blank">gavin.henry@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto">Hi all,<div dir="auto"><br></div><div dir="auto">Can I trust this to use use to redirect a user after login (session expired etc) or should I validate it against¬†$c-&gt;uri_for()</div><div dir="auto"><br></div><div dir="auto">Thanks.¬†</div></div>
<br>______________________________<wbr>_________________<br>
List: <a href="mailto:Catalyst@lists.scsys.co.uk">Catalyst@lists.scsys.co.uk</a><br>
Listinfo: <a href="http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst" rel="noreferrer" target="_blank">http://lists.scsys.co.uk/cgi-<wbr>bin/mailman/listinfo/catalyst</a><br>
Searchable archive: <a href="http://www.mail-archive.com/catalyst@lists.scsys.co.uk/" rel="noreferrer" target="_blank">http://www.mail-archive.com/<wbr>catalyst@lists.scsys.co.uk/</a><br>
Dev site: <a href="http://dev.catalyst.perl.org/" rel="noreferrer" target="_blank">http://dev.catalyst.perl.org/</a><br>
<br></blockquote></div><br></div>