[dancer-users] 2018 Dancer Advent Calendar

Johannes Hoerburger info at hoerburger.org
Fri Oct 12 07:50:52 BST 2018


Somehing like that?

------------------- cut here -------------------------
# ------------- 
# Main MyFancyApp.pm
# -------------
use utf8;
package MyFancyApp;
use Dancer2;
use Dancer2::Plugin::DBIC;
use Dancer2::Plugin::Auth::Tiny;
use Dancer2::Plugin::Deferred;
use YAML;
use Cache::Memcached;

our $VERSION = '0.1';

prefix undef;

# ------------- 
# Inside each controller that requires authentication 
# (may be better in a Dancer::Plugin::Auth::Tiny::MySpecialAuthExtension?)
# -------------
Dancer2::Plugin::Auth::Tiny->extend(
  role => sub {
    my ($dsl, $Roles, $coderef) = @_;
    if ( ref $Roles eq '' ) {
        $Roles = [ $Roles ];
    }
    return sub {
        my $SessionData = $dsl->app->session->read('User');
        if ( grep { $SessionData->{'Roles'}->{$_} } @{$Roles} ) {
            goto $coderef;
        }
        else {
            $dsl->app->redirect('/auth/login');
        }
    };
  }
);

# Paths start that way
get '' => needs role => ['Root', 'Admin',  ] => sub {
}
# ---------------
# Authentication part
# ---------------

use utf8;
package MyFancyApp::Auth::Login;
use Dancer2 appname => 'MyFancyApp';
use Dancer2::Plugin::DBIC;
use Dancer2::Plugin::Auth::Tiny;
use Dancer2::Plugin::Deferred;
use Dancer2::Plugin::Passphrase;

prefix '/auth';

post '/login' => sub {

    my %Param = params;
    my $Login = $Param{login};


    # If the login doesn't contain a dot and characters before and after
    # Login failed => display username unknown in class alert-warning and redirect to auto login again
    if ( $Login !~ /(.+)\.(.+)/ ) {
            deferred error => 'Username unknown.';
            deferred class => 'alert-warning';
            redirect '/auth/login';
    };

    my $Ident  = $1;
    my $User = $2;

    my $Password = $Param{password};
    my $PasswordHashed = passphrase( 
             $Password 
         )->generate;

    $RS = schema('default')->resultset('User')->search(
        {
            'company.ident' => $Ident,
            'login'         => $User,
            'password'      => $PasswordHashed,
        },
        {
            join => 'company',
        },
    );

    if ( ! $RS ) {
            deferred error => 'Username or password incorect.';
            deferred class => 'alert-warning';
            redirect '/auth/login';
    }

    my $CompanyID = $RS->company->id;
    my $UserID = $RS->id;
    my %Roles;
    for my $Role ( $RS->user_roles->all ) {
        $Roles{$Role->role->name} = 1;
    }
    
    session->write(
        'User' , {
            User      => $Login, 
            Ident     => $Ident,
            Login     => $User,
            Roles     => \%Roles,
            CompanyID => $CompanyID,
            UserID    => $UserID,
        },
    );

    my $SessionData = session->read('User');
    
    return redirect params->{return_url} || '/';
}; 

post '/logout' => sub {

    my %Param = params;
    session->delete('User');

    deferred error => 'Logout successful.';
    deferred class => 'alert-success';
  
    return redirect  '/auth/login';
}; 
# ---------------
# Config
# ---------------
# Inside config.yml
session: Memcached
engines:
  session:
    Memcached:
      memcached_servers: 
        - 127.0.0.1:11211
        - /var/sock/memcached
plugins:
  Auth::Tiny:
    login_route: /auth/login
------------------- cut here -------------------------
> Am 11.10.2018 um 22:31 schrieb John Stoffel <john at stoffel.org>:
> 
> 
> What I'd love to see if an example of CRUD with Authentication, in a
> skeleton format so I can steal it for my own needs.  I'm too
> dumb/busy/lazy to make it all work myself.  *grin*
> _______________________________________________
> dancer-users mailing list
> dancer-users at dancer.pm
> http://lists.preshweb.co.uk/mailman/listinfo/dancer-users



More information about the dancer-users mailing list