Hello !! im new to dancer adn im really enjoying hwo easy and simple it is, im actuaally testing some examples on the cookbook and soms simple functions and encountered a strange behaviour i cannot understand. Heres the code. #!/usr/bin/env perl use Dancer; use MyApp01; set port => 9001; before sub { if (! session('user') && request->path_info !~ m{^/login}) { redirect('/login'); } }; get '/login' => sub { # Display a login page; the original URL they requested is available as # vars->{requested_path}, so could be put in a hidden field in the form template 'login', { path => vars->{requested_path} }; }; post '/login' => sub { # Validate the username and password they supplied if (params->{username} eq 'bob' && params->{password} eq 'mierda') { session user => params->{user}; redirect params->{path} || '/'; } else { redirect '/login?failed=1'; } }; get '/logout' => sub { session->destroy; set_flash('You are logged out.'); redirect '/login'; }; get '/' => sub { if (session('user')) { redirect('/login'); } else { send_file '/o.html' ; } }; get '/hello/:name/peter' => sub { return "Hi there " . params->{name}; }; Allmos as posted on the dancer cookbook, login redirection works perfect, except when i request o.html, no matter if i explicit test if the user is logged, the file is shown on the browser. Its a simple html form, and when i click on submit im correctly redirected to /login but why is the first request not blocked ? Did i miss something on the manual about static files and session management ? Thank you Javi
Hey Sorry for the long reply. If you've noticed the last email Alexis wrote, I think it relates to this. It should be fixed very soon (since this is a very important issue) and I think that once it's sorted, either your situation will be fixed or much easier to fix. Thanks, Sawyer. On Tue, Feb 22, 2011 at 10:27 AM, Javier Sanchez <sjllera@gmail.com> wrote:
Hello !!
im new to dancer adn im really enjoying hwo easy and simple it is, im actuaally testing some examples on the cookbook and soms simple functions and encountered a strange behaviour i cannot understand. Heres the code.
#!/usr/bin/env perl use Dancer; use MyApp01;
set port => 9001;
before sub {
if (! session('user') && request->path_info !~ m{^/login}) { redirect('/login'); } };
get '/login' => sub { # Display a login page; the original URL they requested is available as # vars->{requested_path}, so could be put in a hidden field in the form template 'login', { path => vars->{requested_path} }; };
post '/login' => sub { # Validate the username and password they supplied if (params->{username} eq 'bob' && params->{password} eq 'mierda') { session user => params->{user}; redirect params->{path} || '/'; } else { redirect '/login?failed=1'; } };
get '/logout' => sub { session->destroy; set_flash('You are logged out.'); redirect '/login'; };
get '/' => sub { if (session('user')) { redirect('/login'); } else { send_file '/o.html' ; } };
get '/hello/:name/peter' => sub { return "Hi there " . params->{name}; };
Allmos as posted on the dancer cookbook, login redirection works perfect, except when i request o.html, no matter if i explicit test if the user is logged, the file is shown on the browser. Its a simple html form, and when i click on submit im correctly redirected to /login but why is the first request not blocked ? Did i miss something on the manual about static files and session management ?
Thank you Javi
_______________________________________________ Dancer-users mailing list Dancer-users@perldancer.org http://www.backup-manager.org/cgi-bin/listinfo/dancer-users
On Mon, 2011-02-28 at 11:45 +0000, sawyer x wrote:
Hey
Sorry for the long reply.
If you've noticed the last email Alexis wrote, I think it relates to this. It should be fixed very soon (since this is a very important issue) and I think that once it's sorted, either your situation will be fixed or much easier to fix.
as well as the multiple cookie issues that's been discussed a couple of times, as I mentioned in my first post, I think there's also a problem with the way the has_changed method in Dancer::Cookies checks - it seems to check $cookie->{value} against $search->value: in Dancer/Cookies.pm: print STDERR Dumper ( $cookie->value, $cookie->{value}, $search->value, ($search->value ne $cookie->{value}), ($search->value ne $cookie->value) ); $VAR1 = '78728712'; $VAR2 = [ '78728712' ]; $VAR3 = '78728712'; $VAR4 = 1; $VAR5 = ''; This marks _every_ cookie as changed. Although that's probably less of a problem if the Renderer is patched to allow multiple cookies through. Making has_changed check $cookie->value fixes this. a
Thanks, Sawyer.
On Tue, Feb 22, 2011 at 10:27 AM, Javier Sanchez <sjllera@gmail.com> wrote:
Hello !!
im new to dancer adn im really enjoying hwo easy and simple it is, im actuaally testing some examples on the cookbook and soms simple functions and encountered a strange behaviour i cannot understand. Heres the code.
#!/usr/bin/env perl use Dancer; use MyApp01;
set port => 9001;
before sub {
if (! session('user') && request->path_info !~ m{^/login}) { redirect('/login'); } };
get '/login' => sub { # Display a login page; the original URL they requested is available as # vars->{requested_path}, so could be put in a hidden field in the form template 'login', { path => vars->{requested_path} }; };
post '/login' => sub { # Validate the username and password they supplied if (params->{username} eq 'bob' && params->{password} eq 'mierda') { session user => params->{user}; redirect params->{path} || '/'; } else { redirect '/login?failed=1'; } };
get '/logout' => sub { session->destroy; set_flash('You are logged out.'); redirect '/login'; };
get '/' => sub { if (session('user')) { redirect('/login'); } else { send_file '/o.html' ; } };
get '/hello/:name/peter' => sub { return "Hi there " . params->{name}; };
Allmos as posted on the dancer cookbook, login redirection works perfect, except when i request o.html, no matter if i explicit test if the user is logged, the file is shown on the browser. Its a simple html form, and when i click on submit im correctly redirected to /login but why is the first request not blocked ? Did i miss something on the manual about static files and session management ?
Thank you Javi
_______________________________________________ Dancer-users mailing list Dancer-users@perldancer.org http://www.backup-manager.org/cgi-bin/listinfo/dancer-users
participants (3)
-
Alex Knowles -
Javier Sanchez -
sawyer x