NAME

Egg::Plugin::SessionKit::Auth - Authentication of session base.

SYNOPSIS

use Egg qw/ SessionKit::Auth::File FillInForm /;

__PACKAGE__->egg_startup(
  .......
  ...

  plugin_session=> {
    .......
    ...
    auth=> {
      psw_crypt_type => 'MD5',
      uid_param_name => '__uid',
      psw_param_name => '__psw',
      data_path      => '<$e.dir.etc>/members.txt',
      constant       => [qw/ uid psw active email nickname /],
      uid_db_field   => 'uid',
      psw_db_field   => 'psw',
      active_db_field=> 'active',
      messages=> {
        uid_undefined => 'Please input ID.',
        psw_undefined => 'Please input the password.',
        ...
        },
      },
    },

  plugin_fillinform=> {
    fill_password => 0,
    ignore_fields => [qw/ ticket /],
    },

  );

Example of authentication form. (Egg::View::Mason)

% if (my $error_message = $e->auth->errstr) {
  <div class="error"><% $error_message %></div>
% }
<form method="POST" action="/auth">
<input type="hidden" name="ticket" value="<% $e->ticket_id(1) %>" />
USER-ID : <input name="__uid" type="text" /> <br />
PASSWORD: <input name="__psw" type="password" /> <br />
<input type="submit" />
</form>

Example of code.

# The Auth object is acquired.
my $auth= $e->auth;

# The input of the login form is checked.
my $user_id;
if ($e->ticket_check and  $user_id= $e->auth->login) {
   $e->response->redirect('/members');
} else {
   Login form is displayed again.
}

# The user who is logging it in now is checked.
if (my $user_id= $e->user_name) {
  print "is login: $user_id";
} else {
  print "It doesn't login.";
}

# Refer to user's data after it logs it in.
my $user= $e->auth->user;
print " NickName : $user->{nickname} \n";
print " E-mail   : $user->{email} \n";

# The data of an arbitrary user is acquired.
if (my $user= $e->auth->restore($user_id)) {
  print " NickName : $user->{nickname} ";
} else {
  print "There is no registration.";
}

# Logout.
$e->auth->logout;

DESCRIPTION

It is a plugin that offers the attestation function of the session base.

* Please load the subclass into this plugin specifying it.

CONFIGURATION

Please define it in 'plugin_session->{auth}' with HASH.

uid_param_name

Name used for id field of login form.

Default is '__uid'.

psw_param_name

Name used for password field of login form.

Default is '__psw'.

uid_db_field

Name of column used to refer to ID of attestation data.

Default is 'uid'.

psw_db_field

Name of column used to refer to password of attestation data.

Default is 'psw'.

active_db_field

Name of column used to refer to effective flag of attestation data.

Default is 'active'.

psw_crypt_type

Module name to collate password code of attestation data by processing it. This name is supplemented with 'Egg::Plugin::SessionKit::Auth::Crypt'.

Default is 'Plain'.

The following code processing modules are contained in the standard.

L<Egg::Plugin::SessionKit::Auth::Crypt::Plain>,
L<Egg::Plugin::SessionKit::Auth::Crypt::CBC>,
L<Egg::Plugin::SessionKit::Auth::Crypt::MD5>,

message => [MESSAGE_HASH]

The message of the login error can be set.

Please register the message with the following keys.

uid_undefined  ..... Please input id.
psw_undefined  ..... Please input the password.
no_regist      ..... It is not registered.
unactive       ..... It is not effective id.
discord_psw    ..... Mistake of password.
unset_psw      ..... The password is not set.
secure_onry    ..... Please use it by the SSL connection.
internal_error ..... The error not anticipated occurred.
custom_message ..... Disagreement of ticket id.

... etc.

Other settings are different according to the subclass that uses it.

The following subclasses are included in the standard.

L<Egg::Plugin::SessionKit::Auth::File>,
L<Egg::Plugin::SessionKit::Auth::DBI>,
L<Egg::Plugin::SessionKit::Auth::DBIC>,

METHODS

auth

The handler object is returned.

user_name

It is an accessor to $e->auth->user_name.

user_data

Other data of the user under login is returned by the HASH reference.

reset_auth

It tries to make the object of the module of this now newly.

HANDLER METHODS

new

Constructor.

login ( [USER_ID], [LOGIN_PASSWD] )

The attestation data is returned with HASH when collating data and succeeding in login.

When USER_ID is omitted, it acquires it from 'get_uid_param' method.

When LOGIN_PASSWD is omitted, it acquires it from 'get_psw_param' method.

* The message is set in 'error' method when failing in login. Please use 'errstr' method to refer.

if (my $user_data= $e->auth->login) {
  .....
  ...

logout

It logs out if it is login.

user

User's registration data is returned by the HASH reference if it is logging it in.

my $nickname= $e->auth->user->{nickname};

user_name

User ID that succeeds in the attestation is returned.

* 0 returns when failing in the attestation.

get_uid_param

User ID is returned from the form data based on 'uid_param_name'.

get_psw_param

The login password is returned from the form data based on 'psw_param_name'.

error ( [ERROR_MESSAGE] )

The error message is stored.

errstr

The error set by 'error' method is returned by the message for the screen output.

... etc. ( error methods ),

error_uid_undefined
error_psw_undefined
error_no_regist
error_unactive
error_discord_psw
error_unset_psw

The above-mentioned method is contained as an accessor of 'error' method. A prescribed error is set only by calling this method. The above-mentioned method always returns 0.

WARNING

After the attestation succeeds, the acquired data is preserved in the session. This data becomes invalid the session or is effective until being logged out. Therefore, it is not in real data, and comes to come to refer to the data of the session after login succeeds.

This method is high-speed treatable of a frequent attestation, and there is a thing that the contradiction of data is generated when real data is corrected.

To our regret, the method of settlement is not being offered in a present version.

SEE ALSO

Egg::Plugin::SessionKit, Egg::Plugin::SessionKit::Auth::DBI, Egg::Plugin::SessionKit::Auth::DBIC, Egg::Plugin::SessionKit::Auth::File, Egg::Plugin::SessionKit::Auth::Crypt::CBC, Egg::Plugin::SessionKit::Auth::Crypt::MD5, Egg::Plugin::SessionKit::Auth::Crypt::Plain, Egg::Model::DBI, Egg::Model::DBIC, Egg::Release,

AUTHOR

Masatoshi Mizuno <lushe@cpan.org>

COPYRIGHT

Copyright (C) 2007 by Bee Flag, Corp. <http://egg.bomcity.com/>, All Rights Reserved.

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.