NAME

App::Dochazka::REST::Auth - HTTP request authentication and authorization

DESCRIPTION

This package, which is between Web::MREST::Entity and Web::Dochazka::REST::Dispatch in the chain of inheritance, provides the 'is_authorized' and 'forbidden' methods called by Web::Machine on each incoming HTTP request.

METHODS

is_authorized

This overrides the Web::Machine method of the same name.

Authenticate the originator of the request, using HTTP Basic Authentication. Upon successful authentication, check that the user (employee) exists in the database (create if necessary) and retrieve her EID. Push the EID and current privilege level onto the context. Get the user's DBIx::Connector object and push that onto the context, too.

_init_session

Initialize the session. Takes an employee object.

_validate_session

Validate the session.

_is_fresh

Takes a single argument, which is assumed to be the number of seconds since the epoch at which the session was last seen. This is compared to "now"; if the difference is greater than the DOCHAZKA_REST_SESSION_EXPIRATION_TIME site parameter, the return value is false, otherwise true.

_authenticate

Authenticate the nick associated with an incoming REST request. Takes a nick and a password (i.e., a set of credentials). Returns a status object, which will have level 'OK' on success (with employee object in the payload), 'NOT_OK' on failure. In the latter case, there will be a declared status.

forbidden

This overrides the Web::Machine method of the same name.

Authorization (ACL check) method.

First, parse the path and look at the method to determine which controller action the user is asking us to perform. Each controller action has an ACL associated with it, from which we can determine whether employees of each of the four different privilege levels are authorized to perform that action.

Requests for non-existent resources will always pass the ACL check.
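The session freshness test described under _is_fresh and the ACL lookup described under forbidden, written out as a small stand-alone Perl script. This is an added illustration, not code from App::Dochazka::REST; the expiration value, the ACL table and the privilege level names are assumptions, and the real module reads the site parameter from its configuration rather than a constant.

```perl
#!/usr/bin/env perl
use strict;
use warnings;

# Assumed value (seconds); the real module reads the
# DOCHAZKA_REST_SESSION_EXPIRATION_TIME site parameter instead.
my $SESSION_EXPIRATION_TIME = 3600;

# _is_fresh logic: $last_seen is seconds since the epoch when the session
# was last seen. Returns false only when the gap exceeds the limit, so a
# gap exactly equal to the limit still counts as fresh.
sub is_fresh {
    my ( $last_seen, $now ) = @_;
    $now //= time;
    return ( $now - $last_seen ) > $SESSION_EXPIRATION_TIME ? 0 : 1;
}

# Hypothetical ACL table: controller action => which of the four privilege
# levels may perform it. Level names are assumptions for illustration.
my %ACL = (
    'employee/current' => { passerby => 0, inactive => 1, active => 1, admin => 1 },
    'employee/nick'    => { passerby => 0, inactive => 0, active => 0, admin => 1 },
);

# ACL check in the spirit of forbidden(): a non-existent resource always
# passes the ACL check (the dispatcher answers 404 later); otherwise the
# request is forbidden unless the ACL allows the caller's privilege level.
sub is_forbidden {
    my ( $action, $priv ) = @_;
    my $acl = $ACL{$action};
    return 0 unless $acl;
    return $acl->{$priv} ? 0 : 1;
}

# Constructed walkthrough.
my $now = time;
printf "seen 10 min ago: %s\n", is_fresh( $now - 600,  $now ) ? 'fresh' : 'stale';
printf "seen 2 h ago:    %s\n", is_fresh( $now - 7200, $now ) ? 'fresh' : 'stale';
printf "active  -> employee/nick:     %s\n",
    is_forbidden( 'employee/nick', 'active' ) ? 'forbidden' : 'allowed';
printf "admin   -> employee/nick:     %s\n",
    is_forbidden( 'employee/nick', 'admin' ) ? 'forbidden' : 'allowed';
printf "passerby -> no/such/resource: %s\n",
    is_forbidden( 'no/such/resource', 'passerby' ) ? 'forbidden' : 'allowed';
```

The last line shows the caveat from the text: an unknown resource is not blocked by the ACL check, so its 404 comes from the dispatcher, not from forbidden().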