Hi Discipulus,
I have really looked forward to assisting you in some trivial matter because of the MAJOR enlightenment and joy you add to Perlmonks!!
You really need to look at under because it is exactly what you want, I'm pretty sure!
I'll try to provide some code specific to your example, but this is from a small web site (like 200 occasional users)
my $onlyLoggedIn = $r->under('/admin' => \&loggedIn);
$onlyLoggedIn->post('uploadFile')->to('files#insert');
$onlyLoggedIn->delete('files')->to('files#delete');
sub loggedIn {
my $c = shift;
if ($c->session('login')) {
return 1;
}
$c->render(
template => 'login',
title => 'website title',
status => 401,
);
return 0;
};
# elsewhere
sub login {
my $self = shift;
my $name = $self->param('user');
my $password = $self->param('password');
my $responseCode = 401;
# Pretty sure this hashes the param and checks it against the
+hashed database entry
if (Something::Model::Users::login($name,$password)) {
# $self->signed_cookie(loggedIn => 1);
$self->session(expiration => 60*60*10);
$self->session(login => $name);
$responseCode = 200;
$self->app->log->warn("$name logged in.");
} else {
$self->app->log->warn("Invalid login - '$name'");
}
$self->render(data => '',status => $responseCode);
}
So we have all urls /admin/whatever for only authenticated users.
Something I recently learned
$self->helper( onlyauth => sub {
my ($c,$block) = @_;
if ($c->session('login')) {
return $block->() if $block;
}
});
So I can use this in my templates!! I have an admin bar at the top of every regular page that only logged in users see
%= onlyauth begin
%= include 'adminbar'
% end
|