[dancer-users] AuthCookie for Dancer
Alex Mestiashvili
alex at biotec.tu-dresden.de
Thu Apr 11 14:33:51 BST 2013
On 04/06/2013 03:41 PM, Alex Mestiashvili wrote:
> On 04/04/2013 05:40 PM, David Precious wrote:
>> On Thu, 04 Apr 2013 17:25:26 +0200
>> Alex Mestiashvili <alex at biotec.tu-dresden.de> wrote:
>>
>>> Hi All,
>>>
>>> I am wondering if something like Apache-AuthCookie[0] is available for
>>> Dancer ?
>>>
>>> Dancer::Plugin::Auth::Htpasswd and Basic are really cool, but I would
>>> like to avoid basic http auth if possible.
>>>
>>> [0] https://metacpan.org/module/Apache::AuthCookie
>> Something that presents a login form if the user isn't logged in?
>>
>> <shameless plug>
>>
>> https://metacpan.org/module/Dancer::Plugin::Auth::Extensible
>>
>> </shameless plug>
>>
>> :)
>>
>>
> But there is one problem,
> if I need to protect a route which is a file - lets say an image, than
> the file is rendered anyway.
> I looked on Dancer::Plugin::Auth::Htpasswd and it uses
> 'before_file_render' hook to ensure that the file is not rendered.
> Would it be possible to implement a similar feature in D::P::A::E ?
>
> or is there another way to define this hook using Auth::Extensible
> keywords ?
>
> I tried to use something like that:
>
> hook 'before_file_render' => sub {
> require_login();
> };
> but that didn't work for me.
>
> Thanks a lot,
> Alex
Just to close the thread,
the problem with files is solved by using before_file_render hook
something like that :
hook before_file_render => sub {
my $path_re = '^/'."$private_suffix";
if ( (request->path_info =~ qr{$path_re}) && (not
logged_in_user()) ){
redirect "$realhome".'/login';
}
return;
};
Alex
More information about the dancer-users
mailing list