Catalyst::Authentication::Realm::Progressive(3pm)

1Catalyst::AuthenticatioUns:e:rReCaolnmt:rC:iaPbtruaotlgeyrdsetsP:se:irAvluet(Dh3oe)cnutmiecnattaitoino:n:Realm::Progressive(3)
2
3
4

NAME

6       Catalyst::Authentication::Realm::Progressive - Authenticate against
7       multiple realms
8

SYNOPSIS

10       This Realm allows an application to use a single authenticate() call
11       during which multiple realms are used and tried incrementally until one
12       performs a successful authentication is accomplished.
13
14       A simple use case is a Temporary Password that looks and acts exactly
15       as a regular password. Without changing the authentication code, you
16       can authenticate against multiple realms.
17
18       Another use might be to support a legacy website authentication system,
19       trying the current auth system first, and upon failure, attempting
20       authentication against the legacy system.
21
22   EXAMPLE
23       If your application has multiple realms to authenticate, such as a
24       temporary password realm and a normal realm, you can configure the
25       progressive realm as the default, and configure it to iteratively call
26       the temporary realm and then the normal realm.
27
28        __PACKAGE__->config(
29           'Plugin::Authentication' => {
30               default_realm => 'progressive',
31               realms => {
32                   progressive => {
33                       class => 'Progressive',
34                       realms => [ 'temp', 'normal' ],
35                       # Modify the authinfo passed into authenticate by merging
36                       # these hashes into the realm's authenticate call:
37                       authinfo_munge => {
38                           normal => { 'type' => 'normal' },
39                           temp   => { 'type' => 'temporary' },
40                       }
41                   },
42                   normal => {
43                       credential => {
44                           class => 'Password',
45                           password_field => 'secret',
46                           password_type  => 'hashed',
47                           password_hash_type => 'SHA-1',
48                       },
49                       store => {
50                           class      => 'DBIx::Class',
51                           user_model => 'Schema::Person::Identity',
52                           id_field   => 'id',
53                       }
54                   },
55                   temp => {
56                       credential => {
57                           class => 'Password',
58                           password_field => 'secret',
59                           password_type  => 'hashed',
60                           password_hash_type => 'SHA-1',
61                       },
62                       store => {
63                           class    => 'DBIx::Class',
64                           user_model => 'Schema::Person::Identity',
65                           id_field   => 'id',
66                       }
67                   },
68               }
69           }
70        );
71
72       Then, in your controller code, to attempt authentication against both
73       realms you just have to do a simple authenticate call:
74
75        if ( $c->authenticate({ id => $username, password => $password }) ) {
76            if ( $c->user->type eq 'temporary' ) {
77                # Force user to change password
78            }
79        }
80

CONFIGURATION

82       realms
83           An array reference consisting of each realm to attempt
84           authentication against, in the order listed.  If the realm does not
85           exist, calling authenticate will die.
86
87       authinfo_munge
88           A hash reference keyed by realm names, with values being hash
89           references to merge into the authinfo call that is subsequently
90           passed into the realm's authenticate method.  This is useful if
91           your store uses the same class for each realm, separated by some
92           other token (in the EXAMPLE authinfo_mungesection, the 'realm' is a
93           column on "Schema::Person::Identity" that will be either 'temp' or
94           'local', to ensure the query to fetch the user finds the right
95           Identity record for that realm.
96

METHODS

98   new ($realmname, $config, $app)
99       Constructs an instance of this realm.
100
101   authenticate
102       This method iteratively calls each realm listed in the "realms"
103       configuration key.  It returns after the first successful
104       authentication call is done.
105

AUTHORS

107       J. Shirley "<jshirley@cpan.org>"
108
109       Jay Kuri "<jayk@cpan.org>"
110

COPYRIGHT & LICENSE

112       Copyright (c) 2008 the aforementioned authors. All rights reserved.
113       This program is free software; you can redistribute it and/or modify it
114       under the same terms as Perl itself.
115
116
117
118perl v5.28.0                   Cat2a0l1y2s-t0:6:-A3u0thentication::Realm::Progressive(3)