1Catalyst::AuthenticatioUns:e:rReCaolnmt:rC:iaPbtruaotlgeyrdsetsP:se:irAvluet(Dh3oe)cnutmiecnattaitoino:n:Realm::Progressive(3)
2
3
4
6 Catalyst::Authentication::Realm::Progressive - Authenticate against
7 multiple realms
8
10 This Realm allows an application to use a single authenticate() call
11 during which multiple realms are used and tried incrementally until one
12 performs a successful authentication is accomplished.
13
14 A simple use case is a Temporary Password that looks and acts exactly
15 as a regular password. Without changing the authentication code, you
16 can authenticate against multiple realms.
17
18 Another use might be to support a legacy website authentication system,
19 trying the current auth system first, and upon failure, attempting
20 authentication against the legacy system.
21
22 EXAMPLE
23 If your application has multiple realms to authenticate, such as a
24 temporary password realm and a normal realm, you can configure the
25 progressive realm as the default, and configure it to iteratively call
26 the temporary realm and then the normal realm.
27
28 __PACKAGE__->config(
29 'Plugin::Authentication' => {
30 default_realm => 'progressive',
31 realms => {
32 progressive => {
33 class => 'Progressive',
34 realms => [ 'temp', 'normal' ],
35 # Modify the authinfo passed into authenticate by merging
36 # these hashes into the realm's authenticate call:
37 authinfo_munge => {
38 normal => { 'type' => 'normal' },
39 temp => { 'type' => 'temporary' },
40 }
41 },
42 normal => {
43 credential => {
44 class => 'Password',
45 password_field => 'secret',
46 password_type => 'hashed',
47 password_hash_type => 'SHA-1',
48 },
49 store => {
50 class => 'DBIx::Class',
51 user_model => 'Schema::Person::Identity',
52 id_field => 'id',
53 }
54 },
55 temp => {
56 credential => {
57 class => 'Password',
58 password_field => 'secret',
59 password_type => 'hashed',
60 password_hash_type => 'SHA-1',
61 },
62 store => {
63 class => 'DBIx::Class',
64 user_model => 'Schema::Person::Identity',
65 id_field => 'id',
66 }
67 },
68 }
69 }
70 );
71
72 Then, in your controller code, to attempt authentication against both
73 realms you just have to do a simple authenticate call:
74
75 if ( $c->authenticate({ id => $username, password => $password }) ) {
76 if ( $c->user->type eq 'temporary' ) {
77 # Force user to change password
78 }
79 }
80
82 realms
83 An array reference consisting of each realm to attempt
84 authentication against, in the order listed. If the realm does not
85 exist, calling authenticate will die.
86
87 authinfo_munge
88 A hash reference keyed by realm names, with values being hash
89 references to merge into the authinfo call that is subsequently
90 passed into the realm's authenticate method. This is useful if
91 your store uses the same class for each realm, separated by some
92 other token (in the EXAMPLE authinfo_mungesection, the 'realm' is a
93 column on "Schema::Person::Identity" that will be either 'temp' or
94 'local', to ensure the query to fetch the user finds the right
95 Identity record for that realm.
96
98 new ($realmname, $config, $app)
99 Constructs an instance of this realm.
100
101 authenticate
102 This method iteratively calls each realm listed in the "realms"
103 configuration key. It returns after the first successful
104 authentication call is done.
105
107 J. Shirley "<jshirley@cpan.org>"
108
109 Jay Kuri "<jayk@cpan.org>"
110
112 Copyright (c) 2008 the aforementioned authors. All rights reserved.
113 This program is free software; you can redistribute it and/or modify it
114 under the same terms as Perl itself.
115
116
117
118perl v5.32.0 Cat2a0l2y0s-t0:7:-A2u8thentication::Realm::Progressive(3)