[dancer-users] Dancer::Plugin::Auth::Extensible - possible backwards-incompatible change
David Precious
davidp at preshweb.co.uk
Tue Dec 11 12:43:09 GMT 2012
On Tue, 11 Dec 2012 13:47:28 +0200
"Octavian Rasnita" <orasnita at gmail.com> wrote:
> Hi,
>
> Maybe is a stupid suggestion that might not even be possible to do,
> but I think the syntax would look nicer if would be something like:
>
> get '/secret' => sub {
> requires_login;
> ...
> };
>
> get '/beer' => sub {
> requires_role 'BeerDrinker';
> ...
> };
Should be possible! I'm not a big fan of that approach as it seems a
little... manual; it feels only a step away from doing all the checking
yourself :)
My other objection is that it would be easy to forget to add the
appropriate requires_* keyword call to a route, and thus have that
route unprotected; one of the options I'd been planning with the
current attributes-based approach was a setting to require all routes
to have attributes set (and adding a new NoLoginNeeded one), so that
you could optionally protect yourself against accidentally forgetting
to protect newly-added routes.
Having said that, though, it would be quite easy that way.
--
David Precious ("bigpresh") <davidp at preshweb.co.uk>
http://www.preshweb.co.uk/ www.preshweb.co.uk/twitter
www.preshweb.co.uk/linkedin www.preshweb.co.uk/facebook
www.preshweb.co.uk/cpan www.preshweb.co.uk/github
More information about the dancer-users
mailing list