On Jan 11, 2008 6:27 PM, Matt S Trout <[EMAIL PROTECTED]> wrote: > On Tue, Jan 08, 2008 at 02:58:17PM -0500, [EMAIL PROTECTED] wrote: > > Hi, > > in my application, if a client issues a request after say 30 minutes of > > inactivity, I want to answer his request only after successfull > > authentication. > > > > Ideally, I would simply serialize $c->request in the session, ask for > > authentication, then if successfull restore the stored request to $c and > > call > > $c->dispatch. But after playing around a bit, it appears not to be that > > simple (the context is stored in the request as '_context', the body seems > > fetched only on-demand, dispatch seems to need some prepare_* methods to be > > called). > > > > I searched the list and only found this proposition for a similar mechanism: > > http://lists.scsys.co.uk/pipermail/catalyst/2007-February/012256.html > > > > Am I missing an easier way of doiing this? > > Yes. > > Don't try and serialize $c->req, just dump any POST data back out into > hidden fields in the login form, don't change the URL, and have the login > form processed in a forward() from auto or similar rather than doing a > detach. This is how I handle "user needs to log in to continue" across the > board and it makes life much simpler. > > i.e. something like > > sub auto :Private { > my ($self, $c) = @_; > unless ($c->user_exists) { > unless ($c->forward('try_login')) { > $c->detach('show_login_form'); > return 0; > } > } > return 1; > } > > sub try_login :Private { > my ($self, $c) = @_; > my $b = $c->req->body_parameters; > return 0 unless $b->{__username}; > return $c->authenticate({ > username => $b->{__username} > password => $b->{__password} > }); > } >
And how do you handle file uploads? Do you save them in the session? -- Jonas _______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
