NAME

App::MFILE::WWW::Dispatch - app dispatch stub

SYNOPSIS

TBD

DESCRIPTION

This is where we override the default version of the is_authorized method defined by Web::Machine::Resource.

This module is only used in standalone mode. In derived distribution mode, the application's dispatch module will be used, instead.

METHODS

process_post

POST requests are assumed to be AJAX calls. Their entity bodies must be valid JSON with the following simple structure:

    { method: HTTP_METHOD, path: RESOURCE, body: BODY_JSON }

where HTTP_METHOD is any HTTP method accepted by the REST server, RESOURCE is a valid path to a REST server resource, and BODY_JSON is the content body to be sent in the HTTP request to the REST server. Provided the request is properly authorized and the body is well-formed, the request is forwarded to the REST server via the App::MFILE package's rest_req routine and the REST server's response is sent back to the user's browser, where it is processed by the JavaScript code.

In derived-distro mode, this structure is expected to be translated into a "real" HTTP request, to be forwarded via the LWP::UserAgent object stored in the session data. The status object received in the response is then passed back to the JavaScript side.

There is one special case: the POST request from the login dialog looks like this:

    { method: "LOGIN", path: "login", body: { nam: "foo", pwd: "bar" } }

Login requests receive special handling.

validate_user_credentials

Called either from process_post on login AJAX requests originating from the JavaScript side (i.e. the login screen in login-dialog.js, via login.js), or directly from is_authorized if the MFILE_WWW_BYPASS_LOGIN_DIALOG mechanism is activated.

Returns a status object - OK means the login was successful; all other statuses mean unsuccessful.

_logout

Called from process_post to process logout requests (special AJAX requests) originating from the JavaScript side.

_prep_ajax_response