Dancer2::Plugin::Auth::Extensible wrong login page
I am using the ::Provider::Config setup, with very little customization (for now; the plan is to move to a ::Database or ::DBIC provider eventually). I have a route that looks like this: get '/locale/:param' => require_any_role [qw( admin editor voter )] => sub { ... }; My application is running under Plack via: builder { mount '/' => Qbank::App->to_app; mount '/api' => Qbank::API->to_app; }; So when I visit /locale/foo, I expect it to redirect me to /login. What I see in the logs is: looking for get /login in /home/aws/.plenv/versions/5.22.0/lib/perl5/site_perl/5.22.0/Dancer2/Core/App.pm l. 1180 Entering hook core.app.before_request in (eval 63) l. 1 Failed to serialize the request: hash- or arrayref expected (not a simple scalar, use allow_nonref to allow this) at /home/aws/.plenv/versions/5.22.0/lib/perl5/site_perl/5.22.0/Dancer2/Serializer/JSON.pm line 34. in (eval 264) l. 1 Entering hook core.app.after_request in (eval 63) l. 1 "GET /api/login?return_url=%2Fapi%2Flocale%2Fexam_types HTTP/1.1" ... I.e., it's prefixing the desired login page URL "/login" with the current URL's "/api". If I hit "/login" directly, it's fine. -- Jeff Boes <>< jeff@endpoint.com (269) 408-0811
On 2015-08-19 09:35, Jeff Boes wrote:
"GET /api/login?return_url=%2Fapi%2Flocale%2Fexam_types HTTP/1.1" ...
I.e., it's prefixing the desired login page URL "/login" with the current URL's "/api".
I suspect this is more of a Plack problem than a Dancer2 issue. I changed my configuration to include: Auth::Extensible: no_default_pages: 1 no_login_handler: 1 login_page_handler: 'My::App::login' where My::App::login is a simple handler that presents the login view. No change; I think once you are inside the "/api" URLs, you are stuck there. -- Jeff Boes <>< jeff@endpoint.com (269) 408-0811
On 2015-08-19 09:35, Jeff Boes wrote:
I am using the ::Provider::Config setup, with very little customization (for now; the plan is to move to a ::Database or ::DBIC provider eventually).
I have a route that looks like this:
get '/locale/:param' => require_any_role [qw( admin editor voter )] => sub { ... };
My application is running under Plack via:
builder { mount '/' => Qbank::App->to_app; mount '/api' => Qbank::API->to_app; };
So when I visit /locale/foo, I expect it to redirect me to /login.
Darned typo. What it should say is "... when I visit /api/locale/foo ...".
What I see in the logs is:
looking for get /login in /home/aws/.plenv/versions/5.22.0/lib/perl5/site_perl/5.22.0/Dancer2/Core/App.pm l. 1180 Entering hook core.app.before_request in (eval 63) l. 1 Failed to serialize the request: hash- or arrayref expected (not a simple scalar, use allow_nonref to allow this) at /home/aws/.plenv/versions/5.22.0/lib/perl5/site_perl/5.22.0/Dancer2/Serializer/JSON.pm line 34. in (eval 264) l. 1 Entering hook core.app.after_request in (eval 63) l. 1 "GET /api/login?return_url=%2Fapi%2Flocale%2Fexam_types HTTP/1.1" ...
I.e., it's prefixing the desired login page URL "/login" with the current URL's "/api".
If I hit "/login" directly, it's fine.
-- Jeff Boes <>< jeff@endpoint.com (269) 408-0811
On 2015-08-19 09:35, Jeff Boes wrote:
I am using the ::Provider::Config setup, with very little customization (for now; the plan is to move to a ::Database or ::DBIC provider eventually).
I have a route that looks like this:
get '/locale/:param' => require_any_role [qw( admin editor voter )] => sub { ... };
My application is running under Plack via:
builder { mount '/' => Qbank::App->to_app; mount '/api' => Qbank::API->to_app; };
Just to close the loop here: When a route requires authentication via DPAE, and fails to authenticate, a URL is generated via uri_for(). This is evaluated in the context of the application you are in, which means the /api prefix is exactly correct. Thus, if you want '/' and '/api' to both require authentication this way, they will have to share an authentication handler and coordinate their sessions. What I was trying to do was have route handlers in the API.pm (prefix: /api) application send unauthenticated requests over to /login in the App.pm (prefix: /) application, and that appears to be impossible or at least very difficult. -- Jeff Boes <>< jeff@endpoint.com (269) 408-0811
participants (1)
-
Jeff Boes