NAME
App::MFILE::WWW::Dispatch - app dispatch stub
SYNOPSIS
TBD
DESCRIPTION
This is where we override the default version of the is_authorized method defined by Web::Machine::Resource.
This module is only used in standalone mode. In derived distribution mode, the application's dispatch module will be used, instead.
METHODS
process_post
POST requests are assumed to be AJAX calls. Their entity bodies must be valid JSON with the following simple structure:
{ method: HTTP_METHOD, path: RESOURCE, body: BODY_JSON }where HTTP_METHOD is any HTTP method accepted by the REST server, RESOURCE is a valid path to a REST server resource, and BODY_JSON is the content body to be sent in the HTTP request to the REST server. Provided the request is properly authorized and the body is well-formed, the request is forwarded to the REST server via the App::MFILE package's rest_req routine and the REST server's response is sent back to the user's browser, where it is processed by the JavaScript code.
In derived-distro mode, this structure is expected to be translated into a "real" HTTP request, to be forwarded via the LWP::UserAgent object stored in the session data. The status object received in the response is then passed back to the JavaScript side.
There is one special case: the POST request from the login dialog looks like this:
{ method: "LOGIN", path: "login", body: { nam: "foo", pwd: "bar" } }Login requests receive special handling.
validate_user_credentials
Called either from process_post on login AJAX requests originating from the JavaScript side (i.e. the login screen in login-dialog.js, via login.js), or directly from is_authorized if the MFILE_WWW_BYPASS_LOGIN_DIALOG mechanism is activated.
Returns a status object - OK means the login was successful; all other statuses mean unsuccessful.
_logout
Called from process_post to process logout requests (special AJAX requests) originating from the JavaScript side.