Gadgets::AuthManager.pm
Created by: Douglas Hunter

NAME

Gadgets::AuthManager - Authenticate and authorize. Flexibly.

METHODS

$g->auth->check_authn ( [ $extra_login_params ] )

check_authn functions similarly to force_authn, except that it only
returns a user object if the user has already logged on, or undef if
there is no session authentication. It does NOT redirect to a login page
like force_authn.

$g->auth->force_authn ( [ $extra_login_params ] )

Usually, force_authn is called by system core code (admin_acl_authz, for
example). But you can also call it from the init block of a Mason
component to force authentication for a given resource. Called in this
way, the login system cannot handle the passing of POST arguments, but
everything else works. Handling POST args (again, an earlier version of
AuthManager did so) should be on the todo list.

$g->auth->login_init

Login components are often self-submitting, so that login failures can
be reported and a login page redisplayed. This method is called at the
beginning of a login component's init block. If this is a login
submission, and it's successful, a redirect (external redirect for GET,
internal redirect for POST) will take the user to the page that was
originally requested. Otherwise a list of values to be filled into
various login-form elements will be returned.

$g->auth->logout ( $optional_redirect )

Call to log a user out. Always redirects (using $m->redirect) after
performing whatever logout and cleanup is necessary. With no argument,
redirects to the url in the HTTP Referer header. If passed an argument,
uses that string as a target url for the redirect.
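
The following is an added example, not part of the AuthManager
documentation or code. When the string passed to logout comes from the
request, it can be checked first so that only local paths are used as
redirect targets. The helper name safe_logout_target, the "next" argument
and the '/' fallback are assumptions made for illustration.

```perl
use strict;
use warnings;

# Hypothetical helper, not part of Gadgets::AuthManager: returns $candidate
# only when it is a local absolute path, otherwise returns $fallback.
sub safe_logout_target {
    my ($candidate, $fallback) = @_;
    $fallback = '/' unless defined $fallback;

    return $fallback unless defined $candidate && length $candidate;

    # Control characters can split the Location header; some browsers
    # treat a backslash as a forward slash.
    return $fallback if $candidate =~ /[\x00-\x1f\x7f\\]/;

    # Exactly one leading slash: "//host/path" is scheme-relative and
    # "https://host/" is absolute, so both leave the site.
    return $fallback unless $candidate =~ m{\A/(?!/)};

    return $candidate;
}

# Constructed sample values, as they might arrive in a request argument.
my @samples = (
    '/account/profile',               # local absolute path
    '//other.example/path',           # scheme-relative URL
    'https://other.example/',         # absolute URL
    '/\\other.example/path',          # backslash variant
    "/ok\r\nX-Injected: 1",           # embedded CR/LF
    '',                               # empty value
);

for my $s (@samples) {
    (my $shown = $s) =~ s/([\x00-\x1f])/sprintf '\\x%02x', ord $1/ge;
    printf "%-28s -> %s\n", "'$shown'", safe_logout_target($s, '/');
}

# In a Mason component (assumed "next" argument):
#   $g->auth->logout( safe_logout_target( $ARGS{next}, '/' ) );
```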

$g->auth->new_user

Call to create a new user object and underlying data structure.

$g->auth->new_user_login

Call to create -- and immediately log in -- a new user.

$g->auth->authenticate

Authenticate "in a vacuum," passing login information through to the
Authner object. This routine would not normally be called directly, but
it's here in the API for unusual usages.

$g->auth->refresh_authn

Call to refresh a user's authentication. This means that any timeout in
the authn credential is set anew, extending the authn credential's
validity.

$g->auth->refresh_changed_authn

Call to refresh a user's authentication after user information has been
changed in some underlying way. For example, because UserFactory caches
the display_name string in a client-side cookie, if you change a user's
display_name without calling this method, the new name will probably not
"show up" immediately for Mason-side code.

Here is a common use of refresh_changed_authn:

  $user->set_display_name ( @args_the_def_expects );
  $self->refresh_changed_authn();

  Your profile has been changed. You are logged in
  as: <% $user->display_name %>.