Hi all, Following the recent discussion on the list regarding DPAE's use of subroutine attributes to declare which routes need auth/specific roles and a before handler to check for them, the general consensus seems to be that, whilst the attributes-based approach is quite clean, it's not necessary solid enough to rely upon. (Multiple people whose opinions I respect advised me that there are likely to be issues with it - some potential problems include thread safety, and problems I've seen at work when running under the debugger / Devel::Cover etc.) For that reason, whilst DPAE is still young and not widely used (as far as I'm aware :) ), I've decided it would make sense to take the approach recommended by multiple people, and replace sub attributes with keywords which wrap the route handler coderef and perform the required checks before executing it. The changes are in a remove_attributes branch - the refactor commit is: https://github.com/bigpresh/Dancer-Plugin-Auth-Extensible/commit/32844b7c3cc... From a user's point of view, the changes are in how you define that a route needs login / specific roles. Previously, you would say: get '/secret' => sub :RequiresLogin { ... }; Now, you'd say: get '/secret' => requires_login sub { ... }; And to require specific roles: get '/beer' => requires_role BeerDrinker => sub { ... }; Opinions on this would be warmly welcomed. Also, if you've been using DPAE and have a moment to try out your code with these changes, that would be awesome. DPAE passes all its tests after the changes, so I'm reasonably convinced that it's working correctly, but will perform more testing before this hits CPAN. Cheers Dave P -- David Precious ("bigpresh") <davidp@preshweb.co.uk> http://www.preshweb.co.uk/ www.preshweb.co.uk/twitter www.preshweb.co.uk/linkedin www.preshweb.co.uk/facebook www.preshweb.co.uk/cpan www.preshweb.co.uk/github