On 29 Jun 2012, at 10:59, Will Crawford wrote:
> On 28 June 2012 23:12, Gavin Henry <gavin.he...@gmail.com> wrote:
> ...
>> Thanks Tim. Yes, I know that but then the other two realms will fail
>> and that's the point of progressive. I want to call one ->authenticate
>> which tries all the realms I've defined in progressive_oauth.
>
> Regrettably, the docs for the Password realm saith:
>
> NOTE If the password_field is something other than 'password', you
> must be sure to use that same field name when calling
> $c->authenticate().
>
> I'd call that a bug, personally - it certainly isn't intuitive that
> you can specify the field to use, but then have to remember it in all
> your calls to authenticate().
>
> Not much can be done about that, though. Maybe someone can produce an adaptor?
I don't disagree that it's confusing, however it _is_ intentional, as you can
pass an arbitrary hash of data into $c->authenticate for the auth info
(allowing you to do lookups on the values of multiple fields).
What happens is that the configured 'password_field' is _removed_ by the
Password credential when it calls the 'find_user' method, and then the
remaining fields are passed to the store to lookup a user with - this allows
you to say $c->authenticate({username => $u, password => $p, is_admin => 1});
For example.
Patches to improve the documentation would be welcome, of course! :)
Cheers
t0m
_______________________________________________
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
