#===========================================================================
Copyright (C) 2008 by Nik Ogura. All rights reserved.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
Bug reports and comments to nik.ogura@gmail.com.
CGI::Lazy::Authn
use CGI::Lazy; my $q = CGI::Lazy->new({ tmplDir => '/templates', jsDir => '/js', cssDir => '/css', imgDir => '/css', buildDir => '/tmp', plugins => { dbh => { dbDatasource => 'dbi:mysql:somedb:localhost', dbUser => 'luser', dbPasswd => 's3cr3t', dbArgs => {RaiseError => 1}, }, session => { sessionTable => 'session', sessionCookie => 'frobnitz', saveOnDestroy => 1, expires => '+15m', }, authn => { table => 'user', primarykey => 'user_id', template => 'login.tmpl', salt => '234998fhgsldkj#$^', userField => 'username', passwdField => 'password', activeField => 'active', extraFields => { country => country, } }, }, }); return unless $q->authn->check;
CGI::Lazy Authentication module. Draws much of its inspiration from CGI::Auth. Put the $q->authn->check call in your CGI, if theres a current authenticated session, it will return true. If not, it will print the login template specified and return false.
The intended minimum database structure is as follows:
create table user (user_id int(10) unsigned not null auto_increment primary key, username varchar(50), password(varchar(25), active bool); #mysql
Required Arguments:
table => 'table_name', #name of user table primarykey => 'field_name', #name of primary key field on above table. template => 'login.tmpl', #name of template for logins salt => 'asdf9234ml@#4234', #unique identifying string for this application. Passwords are stored as md5 hashes of $username.$passwd.$salt . userField => 'username', #name of username field. Defaults to 'username' passwdField => 'password', #name of password field. Defaults to 'password' needs to be varchar and at least 22 characters wide. activeField => 'active', #name of field that flags a user as active. Defaults to 'active'. Assumes '1' means active.
Optional Arguments:
extraFields => { #any other fields you want to authenticate on. If set, will authenticate on username, passwd, and every other field set here. webname => fieldname, #first value is the name of the web control, second is the name of the field in the db webname2 => fieldname2, }
Call this in your cgi to check if an authenticated session is present. Returns 1 if session is valid, and authenticated. Returns 0 otherwise; If authentication fails, prints the login template.
Takes username, password, and salt from config and generates hashed value for storage in the db.
The username
The cleartext password.
To install CGI::Lazy, copy and paste the appropriate command in to your terminal.
cpanm
cpanm CGI::Lazy
CPAN shell
perl -MCPAN -e shell install CGI::Lazy
For more information on module installation, please visit the detailed CPAN module installation guide.