FAQ
I've tried following the 'require user logins' section of the
Catalyst::Manual::Cookbook but I have a feeling it is out of date and
broken. In particular,the call to '$c->session_login(..., ...)"
causes an error. I suspect it might not have been updated for the
most recent version of the authentication framework.

Since there is no other documentation around on how to achieve the
same functionality, I'm sending out a general plea for someone who
knows how to achieve it to update the cookbook documentation, and/or
post some instructions to this list.

I've tried to make it work myself but although I can get a user
logged in and redirected, I don't seem to be able to carry the login
over multiple sessions. So when I submit the login form, and the log
tells me that the user has successfully been authenticated, all that
happens in practice is that I get the login form returned to me
again. (I've been redirected, during the request for the page it's
been noticed that I'm not logged in, and so I'm redirected to the
login form again.)

Thanks in advance

GHF

Search Discussions

  • Catalyst at Jan 23, 2006 at 5:56 am

    On Mon, 23 Jan 2006, Geoffrey Ferrari wrote:

    I've tried following the 'require user logins' section of the
    Catalyst::Manual::Cookbook but I have a feeling it is out of date and broken.
    In particular,the call to '$c->session_login(..., ...)" causes an error. I
    suspect it might not have been updated for the most recent version of the
    authentication framework.

    Since there is no other documentation around on how to achieve the same
    functionality, I'm sending out a general plea for someone who knows how to
    achieve it to update the cookbook documentation, and/or post some
    instructions to this list.

    I've tried to make it work myself but although I can get a user logged in and
    redirected, I don't seem to be able to carry the login over multiple
    sessions. So when I submit the login form, and the log tells me that the user
    has successfully been authenticated, all that happens in practice is that I
    get the login form returned to me again. (I've been redirected, during the
    request for the page it's been noticed that I'm not logged in, and so I'm
    redirected to the login form again.)

    Thanks in advance

    GHF

    I had this problem myself. IIRC it was caused by using the older
    authentication modules. What versions are you using? If C:P:Session is
    installed and used, session management is transparent to the login process.

    If this is not enough to get you started, post the versions of the Auth and
    Session modules you're using. The cookbook is a little out of date.


    use Catalyst qw/
    -Debug
    Static::Simple FormValidator
    Authentication
    Authentication::Credential::Password
    Authentication::Store::DBIC
    Authorization::Roles
    Session
    Session::Store::FastMmap
    Session::State::Cookie
    /;


    Regards,

    Simon.
  • Yuval Kogman at Jan 23, 2006 at 8:37 am
    http://catalyst.perl.org/calendar/2005/15
    http://catalyst.perl.org/calendar/2005/14
    http://catalyst.perl.org/calendar/2005/24


    --
    () Yuval Kogman <nothingmuch@woobling.org> 0xEBD27418 perl hacker &
    /\ kung foo master: /me does not drink tibetian laxative tea: neeyah!

    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: not available
    Type: application/pgp-signature
    Size: 189 bytes
    Desc: not available
    Url : http://lists.rawmode.org/pipermail/catalyst/attachments/20060123/9d671ae2/attachment.pgp
  • Geoffrey Ferrari at Jan 23, 2006 at 11:20 am
    I've since traced the problem, and it's not quite what I had thought.
    I post the details here, plus my own setup, for anyone else who's
    having difficulty. In short, I was logging in successfully, and the
    logins were carried over between sessions. Unfortunately, the top-
    level auto subroutine in the Manual::Cookbook tests for a logged in
    user using

    $c->request->user

    Apparently the new authentication framework uses $c->user instead.

    Here's my setup anyway:

    In my top level application module (MyApp.pm) I setup the
    authentication plugin and include an auto subroutine. Users should
    note that, as far as I can make out, the Authentication::DBIC module
    uses the hexadecimal output from the SHA-1 hashing algorithm. So your
    passwords in your database must be likewise encrypted as hexadecimal,
    rather than as base_64 or binary. The output from SHA-1 in
    hexadecimal is 40 characters long, so your password field in your
    database needs to be 40 characters long, too.

    use Catalyst qw/-Debug
    DefaultEnd
    Static::Simple
    Authentication
    Authentication::Store::DBIC
    Authentication::Credential::Password
    Session
    Session::Store::FastMmap
    Session::State::Cookie
    /;

    __PACKAGE__->config->{authentication}->{dbic} = {
    user_class => 'MyApp::Model::DBIC::Users', # or
    whichever of your Model Classes
    user_field => 'username', # contains your users
    password_type => 'hashed',
    password_hash_type => 'SHA-1',
    };

    sub auto : Private {
    my ($self, $c) = @_;
    my $login_path = 'auth/login';

    # allow people to actually reach the login page!
    if ($c->request->path eq $login_path) {
    return 1;
    }

    # if we have a user ... we're OK

    $c->res->redirect($c->request->base . $login_path) unless $c-
    user;
    # continue with the processing chain
    return 1;
    }


    Then in Controller::Auth.pm (or whichever module your using, as in
    the $login_path above)

    sub login : Local {
    my ( $self, $c ) = @_;

    $c->stash->{'template'} = "login.tt";
    # default form message
    $c->stash->{'message'} = 'Please enter your username and password';

    if ( my $user = $c->req->param("username")
    and my $password = $c->req->param("password") )
    {
    if ( $c->login( $user, $password ) ) {
    $c->res->redirect('/');
    } else {
    # login incorrect
    $c->stash->{'message'} =
    'Unable to authenticate the login details supplied';
    }
    }
    else {
    # invalid form input
    }
    }


    sub logout : Local {

    my ($self, $c) = @_;
    $c->logout if $c->user;
    $c->res->redirect('/');

    }

    Finally you need a login template. Beside the usual html, you need a
    form, set to post to your login method, which contains a 'username'
    and 'password' field. I have the following from the cookbook

    <form action="/auth/login" method="POST" name="login_form">
    [% message %]<br />
    <label for="username">username:</label><br />
    <input type="text" id="username" name="username" /><br />

    <label for="password">password:</label><br />
    <input type="password" id="password" name="password" /><br />

    <input type="submit" value="log in" name="form_submit" />
    </form>


    As others have already said, the $c->session_login is no longer
    available. Instead the 'use_session' configuration parameter for the
    Authentication framework determines whether the $c->login call will
    persist over sessions. It's true by default.


    On 23 Jan 2006, at 02:12, Geoffrey Ferrari wrote:

    I've tried following the 'require user logins' section of the
    Catalyst::Manual::Cookbook but I have a feeling it is out of date
    and broken. In particular,the call to '$c->session_login
    (..., ...)" causes an error. I suspect it might not have been
    updated for the most recent version of the authentication framework.

    Since there is no other documentation around on how to achieve the
    same functionality, I'm sending out a general plea for someone who
    knows how to achieve it to update the cookbook documentation, and/
    or post some instructions to this list.

    I've tried to make it work myself but although I can get a user
    logged in and redirected, I don't seem to be able to carry the
    login over multiple sessions. So when I submit the login form, and
    the log tells me that the user has successfully been authenticated,
    all that happens in practice is that I get the login form returned
    to me again. (I've been redirected, during the request for the page
    it's been noticed that I'm not logged in, and so I'm redirected to
    the login form again.)

    Thanks in advance

    GHF

    _______________________________________________
    Catalyst mailing list
    Catalyst@lists.rawmode.org
    http://lists.rawmode.org/mailman/listinfo/catalyst
  • Geoffrey Ferrari at Jan 24, 2006 at 10:31 pm
    I've since traced the problem, and it's not quite what I had thought.
    I post the details here, plus my own setup, for anyone else who's
    having difficulty. In short, I was logging in successfully, and the
    logins were carried over between sessions. Unfortunately, the top-
    level auto subroutine in the Manual::Cookbook tests for a logged in
    user using

    $c->request->user

    Apparently the new authentication framework uses $c->user instead.

    Here's my setup anyway:

    In my top level application module (MyApp.pm) I setup the
    authentication plugin and include an auto subroutine. Users should
    note that, as far as I can make out, the Authentication::DBIC module
    uses the hexadecimal output from the SHA-1 hashing algorithm. So your
    passwords in your database must be likewise encrypted as hexadecimal,
    rather than as base_64 or binary. The output from SHA-1 in
    hexadecimal is 40 characters long, so your password field in your
    database needs to be 40 characters long, too.

    use Catalyst qw/-Debug
    DefaultEnd
    Static::Simple
    Authentication
    Authentication::Store::DBIC
    Authentication::Credential::Password
    Session
    Session::Store::FastMmap
    Session::State::Cookie
    /;

    __PACKAGE__->config->{authentication}->{dbic} = {
    user_class => 'MyApp::Model::DBIC::Users', # or
    whichever of your Model Classes
    user_field => 'username', # contains your users
    password_type => 'hashed',
    password_hash_type => 'SHA-1',
    };

    sub auto : Private {
    my ($self, $c) = @_;
    my $login_path = 'auth/login';

    # allow people to actually reach the login page!
    if ($c->request->path eq $login_path) {
    return 1;
    }

    # if we have a user ... we're OK

    $c->res->redirect($c->request->base . $login_path) unless $c-
    user;
    # continue with the processing chain
    return 1;
    }


    Then in Controller::Auth.pm (or whichever module your using, as in
    the $login_path above)

    sub login : Local {
    my ( $self, $c ) = @_;

    $c->stash->{'template'} = "login.tt";
    # default form message
    $c->stash->{'message'} = 'Please enter your username and password';

    if ( my $user = $c->req->param("username")
    and my $password = $c->req->param("password") )
    {
    if ( $c->login( $user, $password ) ) {
    $c->res->redirect('/');
    } else {
    # login incorrect
    $c->stash->{'message'} =
    'Unable to authenticate the login details supplied';
    }
    }
    else {
    # invalid form input
    }
    }


    sub logout : Local {

    my ($self, $c) = @_;
    $c->logout if $c->user;
    $c->res->redirect('/');

    }

    Finally you need a login template. Beside the usual html, you need a
    form, set to post to your login method, which contains a 'username'
    and 'password' field. I have the following from the cookbook

    <form action="/auth/login" method="POST" name="login_form">
    [% message %]<br />
    <label for="username">username:</label><br />
    <input type="text" id="username" name="username" /><br />

    <label for="password">password:</label><br />
    <input type="password" id="password" name="password" /><br />

    <input type="submit" value="log in" name="form_submit" />
    </form>


    As others have already said, the $c->session_login is no longer
    available. Instead the 'use_session' configuration parameter for the
    Authentication framework determines whether the $c->login call will
    persist over sessions. It's true by default.



    On 23 Jan 2006, at 02:12, Geoffrey Ferrari wrote:

    I've tried following the 'require user logins' section of the
    Catalyst::Manual::Cookbook but I have a feeling it is out of date
    and broken. In particular,the call to '$c->session_login
    (..., ...)" causes an error. I suspect it might not have been
    updated for the most recent version of the authentication framework.

    Since there is no other documentation around on how to achieve the
    same functionality, I'm sending out a general plea for someone who
    knows how to achieve it to update the cookbook documentation, and/
    or post some instructions to this list.

    I've tried to make it work myself but although I can get a user
    logged in and redirected, I don't seem to be able to carry the
    login over multiple sessions. So when I submit the login form, and
    the log tells me that the user has successfully been authenticated,
    all that happens in practice is that I get the login form returned
    to me again. (I've been redirected, during the request for the page
    it's been noticed that I'm not logged in, and so I'm redirected to
    the login form again.)

    Thanks in advance

    GHF

    _______________________________________________
    Catalyst mailing list
    Catalyst@lists.rawmode.org
    http://lists.rawmode.org/mailman/listinfo/catalyst

    On 23 Jan 2006, at 02:12, Geoffrey Ferrari wrote:

    I've tried following the 'require user logins' section of the
    Catalyst::Manual::Cookbook but I have a feeling it is out of date
    and broken. In particular,the call to '$c->session_login
    (..., ...)" causes an error. I suspect it might not have been
    updated for the most recent version of the authentication framework.

    Since there is no other documentation around on how to achieve the
    same functionality, I'm sending out a general plea for someone who
    knows how to achieve it to update the cookbook documentation, and/
    or post some instructions to this list.

    I've tried to make it work myself but although I can get a user
    logged in and redirected, I don't seem to be able to carry the
    login over multiple sessions. So when I submit the login form, and
    the log tells me that the user has successfully been authenticated,
    all that happens in practice is that I get the login form returned
    to me again. (I've been redirected, during the request for the page
    it's been noticed that I'm not logged in, and so I'm redirected to
    the login form again.)

    Thanks in advance

    GHF

    _______________________________________________
    Catalyst mailing list
    Catalyst@lists.rawmode.org
    http://lists.rawmode.org/mailman/listinfo/catalyst
  • Will Hawes at Jan 25, 2006 at 9:51 am

    Geoffrey Ferrari wrote:
    I've since traced the problem, and it's not quite what I had thought. I
    post the details here, plus my own setup, for anyone else who's having
    difficulty. In short, I was logging in successfully, and the logins were
    carried over between sessions. Unfortunately, the top-level auto
    subroutine in the Manual::Cookbook tests for a logged in user using

    $c->request->user

    Apparently the new authentication framework uses $c->user instead.

    Here's my setup anyway:

    In my top level application module (MyApp.pm) I setup the authentication
    plugin and include an auto subroutine. Users should note that, as far as
    I can make out, the Authentication::DBIC module uses the hexadecimal
    output from the SHA-1 hashing algorithm. So your passwords in your
    database must be likewise encrypted as hexadecimal, rather than as
    base_64 or binary. The output from SHA-1 in hexadecimal is 40 characters
    long, so your password field in your database needs to be 40 characters
    long, too.

    use Catalyst qw/-Debug
    DefaultEnd
    Static::Simple
    Authentication
    Authentication::Store::DBIC
    Authentication::Credential::Password
    Session
    Session::Store::FastMmap
    Session::State::Cookie
    /;

    __PACKAGE__->config->{authentication}->{dbic} = {
    user_class =>
    'MyApp::Model::DBIC::Users', # or whichever of your Model
    Classes
    user_field => 'username', #
    contains your users
    password_type => 'hashed',
    password_hash_type => 'SHA-1',
    };

    sub auto : Private {
    my ($self, $c) = @_;
    my $login_path = 'auth/login';

    # allow people to actually reach the login page!
    if ($c->request->path eq $login_path) {
    return 1;
    }

    # if we have a user ... we're OK

    $c->res->redirect($c->request->base . $login_path) unless $c->user;

    # continue with the processing chain
    return 1;
    }


    Then in Controller::Auth.pm (or whichever module your using, as in the
    $login_path above)

    sub login : Local {
    my ( $self, $c ) = @_;

    $c->stash->{'template'} = "login.tt";
    # default form message
    $c->stash->{'message'} = 'Please enter your username and password';

    if ( my $user = $c->req->param("username")
    and my $password = $c->req->param("password") )
    {
    if ( $c->login( $user, $password ) ) {
    $c->res->redirect('/');
    } else {
    # login incorrect
    $c->stash->{'message'} =
    'Unable to authenticate the login details supplied';
    }
    }
    else {
    # invalid form input
    }
    }


    sub logout : Local {

    my ($self, $c) = @_;
    $c->logout if $c->user;
    $c->res->redirect('/');

    }

    Finally you need a login template. Beside the usual html, you need a
    form, set to post to your login method, which contains a 'username' and
    'password' field. I have the following from the cookbook

    <form action="/auth/login" method="POST" name="login_form">
    [% message %]<br />
    <label for="username">username:</label><br />
    <input type="text" id="username" name="username" /><br />

    <label for="password">password:</label><br />
    <input type="password" id="password" name="password" /><br />

    <input type="submit" value="log in" name="form_submit" />
    </form>


    As others have already said, the $c->session_login is no longer
    available. Instead the 'use_session' configuration parameter for the
    Authentication framework determines whether the $c->login call will
    persist over sessions. It's true by default.
    Thanks for highlighting the Cookbook error - now updated:

    http://dev.catalyst.perl.org/changeset/3129

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupcatalyst @
categoriescatalyst, perl
postedJan 23, '06 at 3:12a
activeJan 25, '06 at 9:51a
posts6
users4
websitecatalystframework.org
irc#catalyst

People

Translate

site design / logo © 2021 Grokbase