[Dancer-users] Dancer::Plugin::Auth::RBAC Application
Flavio Poletti
polettix at gmail.com
Mon Apr 18 16:16:47 CEST 2011
Hi,
no offense intended, but you seem to miss some Perl basics and I think
that this might be a major problem apart specific problems with Dancer. In
particular, you should study a bit about variable scoping and the difference
between package and lexical variables.
Returning to the topic, from what I see, the module is not supposed to
export any $auth variable; as a matter of fact, it only exposes two
functions, i.e. "auth()" and "authd()". The documentation would benefit from
some more examples (e.g. for routes different from '/login') and better
explanation (is authd() expected not to take any parameter? Can I call
auth() without parameters after the login has been done? etc. etc.), but the
bottom line is that you have to retrieve the value for $auth in each route:
my $auth = auth($username, $password);
If you actually need to provide a $username and $password at each call for
auth() (i.e. if auth() does not save these parameters inside a session for
you, this is not clear from the documentation even though it seems to
suggest it) you can save them inside the session, e.g. when you run the
/login route:
post '/login' => sub {
my $auth = auth(params->{username}, params->{password});
if (! $auth->errors) {
flash ok => 'Login ok';
session username => params->{username};
session password => params->{password};
redirect '/';
}
else {
flash error => 'Login Error';
redirect '/login';
}
};
and then use these values in other routes, e.g. when getting the root
document:
get '/' => sub {
my $auth = auth(session('username'), session('password'));
if $auth->asa('guest') ) {
redirect '/login';
}
else {
template 'index';
}
};
Hope this helps,
Flavio.
On Mon, Apr 18, 2011 at 3:47 PM, Forgoselo Fontardion
<fontardion at gmail.com>wrote:
> Hello Flavio:
>
> May be I didn't explained the problem properly. Excuseme for taking so many
> days to answer, but I've out off the office for the weekend.
>
> In my first route '/':
>
> - The RBAC plugin doesn't export the variable $auth, so the program
> can't access information as type of user, using the "asa" function.
> - The error given by the perl parser when executing app.pl is: *Variable
> "$auth" is not imported*
> - If I add a *my $auth;* to the root of the package the error returned
> would be: *Can't call method "asa" on an undefined value*. This is due
> to the $auth isn't an object.
>
>
> In the second route '/logn':
> No problem arises because the $auth is declared there.
>
> In the third route '/logout':
> The same problem as in the first route.
>
>
> Best regards,
> Fontardion
>
>
> 2011/4/15 Flavio Poletti <polettix at gmail.com>
>
>> Please report your errors as well.
>>
>> At first glance, it seems that you're trying to use $auth as a global
>> variable, but you use "my" inside '/login' which means that inside that
>> route you're dealing with a different variable.
>>
>> Cheers,
>>
>> Flavio.
>>
>>
>> On Thu, Apr 14, 2011 at 6:53 PM, Forgoselo Fontardion <
>> fontardion at gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I'm startirng to create a new web application, my first dancer's one.
>>>
>>> I'm testing the RBAC plugin. I've found a problem that I can't solve.
>>> When I try to use a function to check the status of the login, in example to
>>> check if a user has admin role or to revoke its permissions. In the cases
>>> previously described I found an error, because the $auth scalar variable is
>>> only accessible to the route '/'.
>>>
>>> get '/' => sub {
>>> if $auth->asa('guest') ) {
>>> redirect '/login';
>>> }
>>> else {
>>> template 'index';
>>> }
>>> };
>>>
>>> post '/login' => sub {
>>> my $auth = auth(params->{username}, params->{password});
>>> if (! $auth->errors) {
>>> flash ok => 'Login ok';
>>> redirect '/';
>>> }
>>> else {
>>> flash error => 'Login Error';
>>> redirect '/login';
>>> }
>>>
>>> };
>>>
>>> get '/logout' => sub {
>>> $auth->revoke();
>>> flash ok => 'Session Closed';
>>> redirect '/';
>>> };
>>>
>>> Best regards,
>>> Fontardion
>>>
>>> _______________________________________________
>>> Dancer-users mailing list
>>> Dancer-users at perldancer.org
>>> http://www.backup-manager.org/cgi-bin/listinfo/dancer-users
>>>
>>>
>>
>> _______________________________________________
>> Dancer-users mailing list
>> Dancer-users at perldancer.org
>> http://www.backup-manager.org/cgi-bin/listinfo/dancer-users
>>
>>
>
> _______________________________________________
> Dancer-users mailing list
> Dancer-users at perldancer.org
> http://www.backup-manager.org/cgi-bin/listinfo/dancer-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.backup-manager.org/pipermail/dancer-users/attachments/20110418/b9d9e024/attachment.htm>
More information about the Dancer-users
mailing list