NAME

Dancer2::Plugin::EncryptID - Obfuscate IDs/string in URLs

VERSION

Version 0.01

DESCRIPTION

This module makes easy to obfuscate internal IDs when using them in a URL given to users. Instead of seeing http://example.com/item/42 users will see http://example.com/item/c98ea08a8e8ad715 . This will prevent nosy users from trying to iterate all items based on a simple ID in the URL.

CONFIGURATION

Configuration requires a secret key at a minimum.

Either put this in your config.yml file:

plugins:
  EncryptID:
    secret: 'my_secret_password'

Or set the secret key at run time, with:

BEGIN {
    set plugins => {
        EncryptID => {
            secret => 'abc123xyz',
            padding_character => '!'
        },
    };
}

SYNOPSIS

    package MyApp;

    use strict;
    use warnings;

    use Dancer2;

    BEGIN { # would usually be in config.yml
        set plugins => {
            EncryptID => {
                secret => 'abc123xyz',
                padding_character => '!'
            },
        };
    }

    use Dancer2::Plugin::EncryptID;

    get '/' => sub {

		# Any ID (numeric or alpha-numeric) you want to obfuscate
		my $someid = int(rand(42)+1);

		my $encoded_id = dancer_encrypt($someid);
		my $url = request->uri_for("/item/$encoded_id");
    };

    get '/item/:encoded_id' => sub {

		# Decode the ID back to clear-text
		my $item_id = dancer_decrypt( params->{encoded_id} ) ;

		return "Showing item '$item_id'";
    };

    1;

SUBROUTINES/METHODS

dancer_encrypt

dancer_encrypt(ID [,PREFIX]) - Encrypt the given ID, returns the encoded hash value. If "PREFIX" is given, it will be added to the ID before encoding. It can be used when decoding to verify the decoded value is valid.

dancer_decrypt

dancer_decrypt(ID) - Decrypt the given ID, returns the original (text) ID value.

is_valid_encrypt_hash

is_valid_encrypt_hash(HASH) - Return true if given encrypt has is valid

AUTHOR

Rakesh Kumar Shardiwal, <rakesh.shardiwal at gmail.com>

BUGS

Please report any bugs or feature requests to bug-dancer2-plugin-encryptid at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Dancer2-Plugin-EncryptID. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

SUPPORT

You can find documentation for this module with the perldoc command.

perldoc Dancer2::Plugin::EncryptID

You can also look for information at:

RT: CPAN's request tracker (report bugs here)

http://rt.cpan.org/NoAuth/Bugs.html?Dist=Dancer2-Plugin-EncryptID
AnnoCPAN: Annotated CPAN documentation

http://annocpan.org/dist/Dancer2-Plugin-EncryptID
CPAN Ratings

http://cpanratings.perl.org/d/Dancer2-Plugin-EncryptID
Search CPAN

http://search.cpan.org/dist/Dancer2-Plugin-EncryptID/

ACKNOWLEDGEMENTS

LICENSE AND COPYRIGHT

This program is free software; you can redistribute it and/or modify it under the terms of the the Artistic License (2.0). You may obtain a copy of the full license at:

http://www.perlfoundation.org/artistic_license_2_0

Any use, modification, and distribution of the Standard or Modified Versions is governed by this Artistic License. By using, modifying or distributing the Package, you accept this license. Do not use, modify, or distribute the Package, if you do not accept this license.

If your Modified Version has been derived from a Modified Version made by someone other than you, you are nevertheless required to ensure that your Modified Version complies with the requirements of this license.

This license does not grant you the right to use any trademark, service mark, tradename, or logo of the Copyright Holder.

This license includes the non-exclusive, worldwide, free-of-charge patent license to make, have made, use, offer to sell, sell, import and otherwise transfer the Package with respect to any patent claims licensable by the Copyright Holder that are necessarily infringed by the Package. If you institute patent litigation (including a cross-claim or counterclaim) against any party alleging that the Package constitutes direct or contributory patent infringement, then this Artistic License to you shall terminate on the date that such litigation is filed.

Disclaimer of Warranty: THE PACKAGE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS "AS IS' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT ARE DISCLAIMED TO THE EXTENT PERMITTED BY YOUR LOCAL LAW. UNLESS REQUIRED BY LAW, NO COPYRIGHT HOLDER OR CONTRIBUTOR WILL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

To install Dancer2::Plugin::EncryptID, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Dancer2::Plugin::EncryptID

CPAN shell

perl -MCPAN -e shell
install Dancer2::Plugin::EncryptID

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)