The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.

NAME

Plack::Middleware::Auth::Form

VERSION

version 0.012

SYNOPSIS

builder {
    enable 'Session';
    enable 'Auth::Form', authenticator => \&check_pass;
    \&my_app
}

DESCRIPTION

/login

a page with a login form

/logout

logouts the user (only on a POST) and redirects him to after_logout or /.

After a succesful login the user is redirected back to url identified by the redir_to session parameter. You can set it using the psgix session hash:

$env->{'psgix.session'}{redir_to} = '/some/page';

see Plack::Middleware::Session for more explanations.

It also sets that session parameter from $env->{HTTP_REFERER} if it is not set or to / if even that is not available. The username (or id) is saved to user_id session parameter, if you want to save an id different from the username - then you need to return a hashref from the authenticator callback described below.

If the login page looks too simplistic - the application can take over displaying it by setting the no_login_page attribute. Then the the login form will be saved to $env->{'Plack::Middleware::Auth::Form.LoginForm'}.

CONFIGURATION

authenticator

A callback function that takes username and password supplied and returns whether the authentication succeeds. Required.

Authenticator can also be an object that responds to authenticate method that takes username and password and returns boolean, so backends for Authen::Simple is perfect to use:

use Authen::Simple::LDAP;
enable "Auth::Form", authenticator => Authen::Simple::LDAP->new(...);

The callback can also return a hashref with three optional fields error - the reason for the failure, user_id - the user id to be saved in the session instead of the username, and redir_to - a user defined redirection page.

no_login_page

Save the login form on $env->{'Plack::Middleware::Auth::Form.LoginForm'} and let the application display the login page (for a GET request).

after_logout

Where to go after logout, by default '/'.

secure

Make the login form redirect to https if requested with http.

ssl_port

The port for the https requests.

SEE ALSO

Plack CatalystX::SimpleLogin

ACKNOWLEDGEMENTS

The authenticator code and documentation copied from Plack::Middleware::Auth::Basic.

CONTRIBUTORS

Tokuhiro Matsuno chromatic hayajo Kaare Rasmussen Oliver Paukstadt G. Paul Ziemba

AUTHOR

Zbigniew Lukasiak <zby@cpan.org>

COPYRIGHT AND LICENSE

This software is Copyright (c) 2011 by Zbigniew Lukasiak <zby@cpan.org>.

This is free software, licensed under:

The Artistic License 2.0 (GPL Compatible)