WWW::Suffit::Plugin::FileAuth - The Suffit plugin for authentication and authorization by password file
sub startup { my $self = shift->SUPER::startup(); $self->plugin('FileAuth', { configsection => 'auth', }); # . . . }
... configuration:
# FileAuth configuration <Auth> AuthUserFile /etc/myapp/passwd.db </Auth>
This plugin provides authentication and authorization by looking up users in plain text password files
The AuthUserFile configuration directive sets the path to the user file of a textual file containing the list of users and passwords for user authentication.
AuthUserFile
If it is not absolute, it is treated as relative to the project data directory.
data
By default use passwd.db file name
passwd.db
Each line of the user file contains a username followed by a colon, followed by the encrypted password. If the same user ID is defined multiple times, plugin will use the first occurrence to verify the password. Try to avoid such cases!
The encrypted password format depends on which length of this encrypted-string and character-set:
md5 32 hex digits and chars sha1 40 hex digits and chars sha224 56 hex digits and chars sha256 64 hex digits and chars sha384 96 hex digits and chars sha512 128 hex digits and chars unsafe plain text otherwise
Also, each line of the user file can contain parameters in the Query of URL format (RFC 3986), which must be placed at the end of the line with a leading colon character, which is the delimiter
Query of URL
For example:
admin:5f4dcc3b5aa765d61d8327deb882cf99 test:5f4dcc3b5aa765d61d8327deb882cf99:uid=1&name=Test%20user anonymous:password
This plugin supports the following options
configsection => 'auth'
This option sets a section name of the config file for define namespace of configuration directives for this plugin
Default: none (without section)
This plugin provides the following helpers
my $init = $self->fileauth->init;
This method returns the init object (Mojo::JSON::Pointer) that contains data of initialization:
{ error => '...', # Error message status => 500, # HTTP status code code => 'E7000', # The Suffit error code }
For example (in your controller):
# Check init status my $init = $self->fileauth->init; if (my $err = $init->get('/error')) { $self->reply->error($init->get('/status'), $init->get('/code'), $err); return; }
my $auth = $self->fileauth->authenticate({ username => $username, password => $password, loginpage => 'login', # -- To login-page!! expiration => $remember ? SESSION_EXPIRE_MAX : SESSION_EXPIRATION, realm => "Test zone", }); if (my $err = $auth->get('/error')) { if (my $location = $auth->get('/location')) { # Redirect $self->flash(message => $err); $self->redirect_to($location); # 'login' -- To login-page!! } elsif ($auth->get('/status') >= 500) { # Fatal server errors $self->reply->error($auth->get('/status'), $auth->get('/code'), $err); } else { # User errors (show on login page) $self->stash(error => $err); return $self->render; } return; }
This helper performs authentication backend subprocess and returns result object (Mojo::JSON::Pointer) that contains data structure:
{ error => '', # Error message status => 200, # HTTP status code code => 'E0000', # The Suffit error code username => $username, # User name referer => $referer, # Referer loginpage => $loginpage, # Login page for redirects (location) location => undef, # Location URL for redirects }
my $auth = $self->fileauth->authorize({ referer => $referer, username => $username, loginpage => 'login', # -- To login-page!! }); if (my $err = $auth->get('/error')) { if (my $location = $auth->get('/location')) { $self->flash(message => $err); $self->redirect_to($location); # 'login' -- To login-page!! } else { $self->reply->error($auth->get('/status'), $auth->get('/code'), $err); } return; }
This helper performs authorization backend subprocess and returns result object (Mojo::JSON::Pointer) that contains data structure:
{ error => '', # Error message status => 200, # HTTP status code code => 'E0000', # The Suffit error code username => $username, # User name referer => $referer, # Referer loginpage => $loginpage, # Login page for redirects (location) location => undef, # Location URL for redirects user => { # User data address => "127.0.0.1", # User (client) IP address base => "http://localhost:8080", # Base URL of request comment => "No comments", # Comment email => 'test@example.com', # Email address email_md5 => "a84450...366", # MD5 hash of email address method => "ANY", # Current method of request name => "Bob Smith", # Full user name path => "/", # Current query-path of request role => "Regular user", # User role status => true, # User status in JSON::PP::Boolean notation uid => 1, # User ID username => $username, # User name }, }
Internal methods
This method register the plugin and helpers in Mojolicious application
Mojolicious, WWW::Suffit::Server
Serż Minus (Sergey Lepenkov) https://www.serzik.com <abalama@cpan.org>
Copyright (C) 1998-2024 D&D Corporation. All Rights Reserved
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
See LICENSE file and https://dev.perl.org/licenses/
LICENSE
To install WWW::Suffit::Plugin::FileAuth, copy and paste the appropriate command in to your terminal.
cpanm
cpanm WWW::Suffit::Plugin::FileAuth
CPAN shell
perl -MCPAN -e shell install WWW::Suffit::Plugin::FileAuth
For more information on module installation, please visit the detailed CPAN module installation guide.