[Dancer-users] protecting some routes, not other

P Kishor punk.kish at gmail.com
Sat Oct 2 21:32:19 CEST 2010

I am looking at the Cookbook recipe for implementing a session based
login mechanism.

before sub {
    if (! session('username') && request->path_info !~ m{^/login}) {
        var requested_path => request->path_info;

get '/login' => sub {
    # Display a login page; the original URL they requested is available as
    # vars->{requested_path}, so could be put in a hidden field in the form

What I really want is to declare, in one place, the routes that should
be protected, the rest being openly accessible, or vice versa, that
is, declare the routes that should be accessible freely without login,
the rest requiring a login. What is the best way to do that?

An extension of this requirement would be to decralre an entire sub
application to be protected with the use of the prefix.

I am thinking of something like

before sub {
    if (! session('username') && request->path_info !~ m{^/login} && <******>) {
        var requested_path => request->path_info;

The logic would go in the <*******> part, something like

    (route in (array of protected routes))

Is the route available in a variable? or, is it only accessible via regexp?

Has this been solved already?

Puneet Kishor http://www.punkish.org
Carbon Model http://carbonmodel.org
Charter Member, Open Source Geospatial Foundation http://www.osgeo.org
Science Commons Fellow, http://sciencecommons.org/about/whoweare/kishor
Nelson Institute, UW-Madison http://www.nelson.wisc.edu
Assertions are politics; backing up assertions with evidence is science

More information about the Dancer-users mailing list