NAME

Catalyst::Authentication::Store::DBI::ButMaintained - Storage class for Catalyst Authentication using DBI

SYNOPSIS

use Catalyst qw(Authentication);

__PACKAGE__->config->{'authentication'} = {
	default_realm => 'default'
	, realms => {
		default => {
			credential => {
				class                 => 'Password'
				, password_field      => 'password'
				, password_type       => 'hashed'
				, password_hash_type  => 'SHA-1'
			}
			store => {
				class                => 'DBI::ButMaintained'
				, user_schema        => 'authentication' # Not required
				, user_table         => 'login'
				, user_key           => 'id'
				, user_name          => 'name'

				## Role stuff is not needed if you want to subclass or not use roles
				, role_table         => 'authority'
				, role_key           => 'id'
				, role_name          => 'name'
				, user_role_table    => 'competence'
				, user_role_user_key => 'login'
				, user_role_role_key => 'authority'
			},
		},
	},
};

sub login :Global {
	my ($self, $c) = @_;
	my $req = $c->request();

	# catch login failures
	unless ($c->authenticate({
		'name'       => $req->param('name')
		, 'password' => $req->param('password')
	})) {
	...
	}

	...
}

sub something :Path {
	my ($self, $c) = @_;

	# handle missing role case
	unless ($c->check_user_roles('editor')) {
	...
}

DESCRIPTION

This module implements the Catalyst::Authentication API using Catalyst::Model::DBI.

It uses DBI to let your application authenticate users against a database and it provides support for Catalyst::Plugin::Authorization::Roles.

History

This module started off as a patch to Catalyst::Authentication::Store::DBI. I was unable to get ahold of the author, JANUS after he had said that he was willing to cede maintainership. This combined with my inability to provide support on official catalyst mediums -- I credit (mst) Matthew Trout's desire to instigate matters when someone is trying to provide a patch -- leads me to fork.

You can get official support on this module in on irc.freenode.net's #perlcafe.

Config

The store is fully capable of dealing with more complex schemas by utilizing the where condition in find_user. Now, if your role schema is different from the below diagram then simply subclass Catalyst::Authentication::Store::DBI::ButMaintained::User and set store_user_class in the config. Currently, this is probably the most likely reason to subclass the User.

The authenticate method takes a hash ref that will be used to serialize and unserialize the user if there is no single user_key. Composite keys are not currently supported in user_key

The default database configuration

This module was created for the following configuration:

role_table            user_role_table
===================   ===================
role_id | role_name   role_id | user_id
-------------------   -------------------
0       | role        0       | 1

user_table
===================
user_id | user_name
-------------------
0       | Evan "The Man" Carroll

METHODS

new

find_user

Will find a user with provided information

for_session

This does not truely serialize a user from the session. If there is a user_key in the config it saves that users value to a hash; otherwise, it saves the entire authinfo condition from the call to authenticate.

from_session

Will either find_user based on the user_key, or auth_info provided to authenticate

user_supports

get_config( $scalar )

Accessor used for getting to the authentication modules configuration as set in the Catalyst config.

_safe_escape

Internal method only: takes a copy of $dbh, and a hash with keys of database, schema, table and column and escapes all that is provided joining them on a period for use in prepaired statements.

SEE ALSO

Catalyst::Plugin::Authentication
Catalyst::Model::DBI
Catalyst::Plugin::Authorization::Roles

AUTHOR

Evan Carroll, <cpan@evancarroll.com>

(v.01) Simon Bertrang, <simon.bertrang@puzzworks.com>

AUTHOR

Copyright (c) 2010 Evan Carroll, http://www.evancarroll.com/

Original Catalyst::Authentication::Store::DBI

Copyright (c) 2008 PuzzWorks OHG, http://puzzworks.com/

LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.