NAME
WWW::Suffit::AuthDB - Suffit Authorization Database
SYNOPSIS
use WWW::Suffit::AuthDB;
my $authdb = WWW::Suffit::AuthDB->new(
dsuri => "sqlite:///tmp/auth.db?sqlite_unicode=1"
);
DESCRIPTION
Suffit Authorization Database
new
my $authdb = WWW::Suffit::AuthDB->new(
dsuri => "sqlite:///tmp/auth.db?sqlite_unicode=1",
file => "/tmp/authdb.json"
);
die $authdb->error if $authdb->error;
Create new AuthDB object
access
$authdb->access(
controller => $self, # The Mojo controller object
username => $username,
) or die "Access denied!";
This method performs access control
$authdb->access(
controller => $self, # The Mojo controller object
username => "Bob",
method => "GET",
base => "https://www.example.com",
path => "/foo/bar",
client_ip => "192.168.0.123",
headers => {
Accept => "text/html,text/plain",
Connection => "keep-alive",
Host => "localhost:8695",
},
) or die "Access denied!";
This method performs access control for outer requests
$authdb->access(
controller => $self, # The Mojo controller object
username => "Bob",
routename => "index", # or 'route'
base => "https://www.example.com",
client_ip => "192.168.0.123",
headers => {
Accept => "text/html,text/plain",
Connection => "keep-alive",
Host => "localhost:8695",
},
) or die "Access denied!";
... or by routename
Examples:
<% if (has_access(path => url_for('settings')->to_string)) { %> ... <% } %>
<% if (has_access(route => 'settings') { %> ... <% } %>
authen
$authdb->authen("username", "password") or die $authdb->error;
Checks password by specified credential pair (username and password). This method returns the User object or false status of check
authz
$authdb->authz("username") or die $authdb->error;
$authdb->authz("username", 1) or die $authdb->error;
This method checks authorization status by specified username as first argument.
The second argument defines a scope. This argument can be false or true. false - determines the fact that internal authorization is being performed (on Suffit system); true - determines the fact that external authorization is being performed (on another sites)
The method returns the User object or false status of check
cache
Get cache instance
cached_group
my $group = $authdb->cached_group("manager");
This method returns data of specified groupname as WWW::Suffit::AuthDB::Group object
cached_realm
my $realm = $authdb->cached_realm("default");
This method returns data of specified realm name as WWW::Suffit::AuthDB::Realm object
cached_routes
my $routes = $authdb->cached_routes("http://localhost/");
Returns hash of routes by base URL
cached_user
my $user = $authdb->cached_user("alice");
This method returns data of specified username as WWW::Suffit::AuthDB::User object
clean
$authdb->clean;
Cleans state vars on the AuthDB object and returns it
dump
print $authdb->dump;
Returns JSON dump of loaded authentication database
export_data
Export data to JSON file
group
my $group = $authdb->group("manager");
This method returns data of specified groupname as WWW::Suffit::AuthDB::Group object
group_del
$authdb->group_del( "wheel" ) or die $authdb->error;
Delete group by groupname
group_enroll
$authdb->group_enroll(
groupname => "wheel",
username => "alice",
) or die $authdb->error;
Add user to group members
group_get
my %data = $authdb->group_get( "wheel" );
my @groups = $authdb->group_get;
This method returns group's data or returns all groups as array of hashes
group_members
my @members = $authdb->group_members( "wheel" );
This method returns group's members
group_pure_set
$authdb->group_pure_set(
groupname => "wheel",
description => "Admin group",
) or die $authdb->error;
This method adds new group or doing update data of existing group in pure mode
group_set
$authdb->group_set(
groupname => "wheel",
description => "Admin group",
) or die $authdb->error;
This method adds new group or doing update data of existing group
import_data
Import data from JSON file
load
$authdb->load("/tmp/authdb.json");
die $authdb->error if $authdb->error;
This method performs loading specified filename.
meta
$authdb->meta("my.key", "my value") or die $authdb->error;
Sets meta-value by key
my $val = $authdb->meta("my.key"); # my value
die $authdb->error if $authdb->error;
Gets meta-value by key
$authdb->meta("my.key", undef) or die $authdb->error;
Deletes meta-value by key
model
Get model instance
raise
return $authdb->raise("Error string");
return $authdb->raise("Error %s", "string");
return $authdb->raise(200 => "Error string");
return $authdb->raise(200 => "Error %s", "string");
Sets error string and returns false status. Also this method can performs sets the HTTP status code
realm
my $realm = $authdb->realm("default");
This method returns data of specified realm name as WWW::Suffit::AuthDB::Realm object
realm_del
$authdb->realm_del( "default" ) or die $authdb->error;
Delete realm by realmname
realm_get
my %data = $authdb->realm_get( "default" );
my @realms = $authdb->realm_get;
This method returns realm's data or returns all realms as array of hashes
realm_pure_set
$authdb->realm_pure_set(
realmname => "default",
realm => "Strict Zone",
description => "Default realm",
) or die $authdb->error;
This method adds new realm or doing update data of existing realm in pure mode
realm_requirements
my @requirements = $authdb->realm_requirements( "default" );
This method returns list of realm's requirements
realm_routes
my @routes = $authdb->realm_routes( "default" );
This method returns list of realm's routes
realm_set
$authdb->realm_set(
realmname => "default",
realm => "Strict Zone",
description => "Default realm",
) or die $authdb->error;
This method adds new realm or doing update data of existing realm
route_del
$authdb->route_del( "index" ) or die $authdb->error;
Delete route by routename
route_get
my %data = $authdb->route_get( "index" );
my @routes = $authdb->route_get;
This method returns route's data or returns all routes as array of hashes
route_pure_set
$authdb->route_pure_set(
routename => "default",
route => "Strict Zone",
description => "Default route",
) or die $authdb->error;
This method adds new route or doing update data of existing route in pure mode
route_search
my @routes = $authdb->route_search( $text );
This method performs search route by name fragment
route_set
$authdb->route_set(
routename => "default",
route => "Strict Zone",
description => "Default route",
) or die $authdb->error;
This method adds new route or doing update data of existing route
save
$authdb->load();
die $authdb->error if $authdb->error;
Performs flush database to file that was specified in constructor
$authdb->load("/tmp/new-authdb.json");
die $authdb->error if $authdb->error;
Performs flush database to file that specified directly
token_check
$authdb->token_check($username, $jti)
or die "The token is revoked";
This method checks status of the token in database
token_del
$authdb->token_del($username, $jti)
or die $authdb->error;
This method deletes token from database by username and token ID (jti)
token_get
my @tokens = $authdb->token_get();
my %data = $authdb->token_get( 123 );
my %issued = $authdb->token_get($username, $jti);
Returns the token's metadata by id or pair - username and jti By default (without specified arguments) this method returns list of all tokens
token_set
$authdb->token_set(
type => 'api',
jti => $jti,
username => $username,
clientid => 'qwertyuiqwertyui',
iat => time,
exp => time + 3600,
address => '127.0.0.1',
) or die($authdb->error);
Ads new token to database
$authdb->token_set(
id => 123,
type => 'api',
jti => $jti,
username => $username,
clientid => 'qwertyuiqwertyui',
iat => time,
exp => time + 3600,
address => '127.0.0.1',
) or die($authdb->error);
Performs modify token's data by id
user
my $user = $authdb->user("alice");
This method returns data of specified username as WWW::Suffit::AuthDB::User object
user_del
$authdb->user_del( "admin" ) or die $authdb->error;
Delete user by username
user_edit
$authdb->user_edit(
username => $username,
comment => $comment,
email => $email,
name => $name,
role => $role,
) or вшу($authdb->error);
Edit general user data
user_get
my %data = $authdb->user_get( "admin" );
my @users = $authdb->user_get;
This method returns user's data or returns all users as array of hashes
user_groups
my @groups = $authdb->user_groups( "admin" );
This method returns all groups of the user
user_passwd
$authdb->user_passwd(
username => "admin",
password => "password",
) or die $authdb->error;
This method sets password for user
user_pure_set
$authdb->user_pure_set(
username => "admin",
name => "Test User",
# . . .
) or die $authdb->error;
This method adds new user or doing update data of existing user in pure mode
user_search
my @users = $authdb->user_search( $text );
This method performs search user by name fragment
user_set
$authdb->user_set(
username => "admin",
name => "Test User",
# . . .
) or die $authdb->error;
This method adds new user or doing update data of existing user
user_setkeys
$authdb->user_setkeys(
username => "admin",
public_key => $public_key,
private_key => $private_key,
) or die $authdb->error;
This method sets keys for user
user_tokens
my @tokens = $authdb->user_tokens( $username );
This method returns all tokens of specified user
EXAMPLE
Example of default authdb.json
See src/authdb.json
HISTORY
See Changes
file
TO DO
See TODO
file
SEE ALSO
AUTHOR
Serż Minus (Sergey Lepenkov) https://www.serzik.com <abalama@cpan.org>
COPYRIGHT
Copyright (C) 1998-2023 D&D Corporation. All Rights Reserved
LICENSE
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
See LICENSE
file and https://dev.perl.org/licenses/