[dancer-users] Introducing Dancer::Plugin::Auth::Tiny

David Golden xdg at xdg.me
Wed Dec 19 17:09:49 GMT 2012

Hi, everyone.  The fascinating DPAE discussion prompted me to write a
Tiny auth plugin with some similar concepts.

Because I already have user authentication working -- and because I
think that logic should live in the model, not in the controller --
the "wrap routes" feature of DPAE was great sugar, but I didn't want
the authentication backends or the default login/logout handlers.

So... I wrote just the sugar part, and left all the actual
authentication up to the user.

Here's the synopsis -- note the 'needs login' in the '/private' route
handler line:

  use Dancer::Plugin::Auth::Tiny;

  get '/private' => needs login => sub { ... };

  get '/login' => sub {
    # put 'return_url' in a hidden form field
    template 'login' => { return_url => params->{return_url} };

  post '/login' => sub {
    if ( _is_valid( params->{user}, params->{password} ) ) {
      session user => params->{user},
      return redirect params->{return_url} || '/';
    else {
      template 'login' => { error => "invalid username or password" };

  sub _is_valid { ... } # this is up to you

Plus, it's extensible, if you want to replace the 'login' wrapper with
your own, or if you want to add additional wrappers for your own

I'd love to hear feedback, so please check it out:


David Golden <xdg at xdg.me>
Take back your inbox! → http://www.bunchmail.com/
Twitter/IRC: @xdg

More information about the dancer-users mailing list