Original post: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/msg01222.html

My apologies for rehashing this old post, but this is such a *nice* thing to do for users that I'm sort of surprised the solution hasn't been implemented as a plugin or something, at least
so far as I can tell...

I'm trying to implement this elegant solution, but am getting stuck with the

'just dump any POST data back out into
hidden fields in the login form, don't change the URL, and have the login
form processed in a forward() from auto or similar rather than doing a
detach' part.

My questions are as follows:
What hidden field or fields are in the login form?

Where in the code sample are the items stashed? (or are they stored
elsewhere?)

Where in the code sample do we pick up after successful
authentication in order to (forward, detach, redirect - pick one or supply 
alt.)?



Full post:

 Hi,
 in my application, if a client issues a request after say 30 minutes of
 inactivity, I want to answer his request only after successfull
 authentication.

 Ideally, I would simply serialize $c->request in the session, ask for
 authentication, then if successfull restore the stored request to $c and call
 $c->dispatch. But after playing around a bit, it appears not to be that
 simple (the context is stored in the request as '_context', the body seems
 fetched only on-demand, dispatch seems to need some prepare_* methods to be
 called).

 I searched the list and only found this proposition for a similar mechanism:
 http://lists.scsys.co.uk/pipermail/catalyst/2007-February/012256.html

 Am I missing an easier way of doiing this?

Yes.

Don't try and serialize $c->req, just dump any POST data back out into
hidden fields in the login form, don't change the URL, and have the login
form processed in a forward() from auto or similar rather than doing a
detach. This is how I handle "user needs to log in to continue" across the
board and it makes life much simpler.

i.e. something like

sub auto :Private {
  my ($self, $c) = @_;
  unless ($c->user_exists) {
    unless ($c->forward('try_login')) {
      $c->detach('show_login_form');
      return 0;
    }
  }
  return 1;
}

sub try_login :Private {
  my ($self, $c) = @_;
  my $b = $c->req->body_parameters;
  return 0 unless $b->{__username};
  return $c->authenticate({
           username =>  $b->{__username}
           password =>  $b->{__password}
         });
}





_______________________________________________
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/

Reply via email to