I am trying to implement *and* understand CAP::Authentication. My
questions are --
1. How do I set (or unset) a bunch of session variables upon
successful login or on logout?
For example, right now I am using a POST_LOGIN_CALLBACK to set an
'is_admin' bit like so
    $self->authen->config(
        ..
        POST_LOGIN_CALLBACK => \&account_update_session,
    );

    sub account_update_session {
        my $self = shift;
        if ($self->authen->is_authenticated) {
            $self->session->param('is_admin', 0);
            my $dbh = $self->dbh;
            my $sth = $dbh->prepare(qq{
                SELECT u.group_id
                FROM users u JOIN groups g ON u.group_id = g.group_id
                WHERE u.username = ?
            });
            $sth->execute($self->authen->username);
            my ($group_id) = $sth->fetchrow_array;
            if ($group_id == 1) {
                $self->session->param('is_admin', 1);
            }
        }
    }
The above works, but is it the right way to accomplish this? The
'is_admin' bit is just one session var. I will likely have a few other
session vars to set and unset.
2. Once I have set 'is_admin', how do I protect some of the modes, much like

    $self->authen->protected_runmodes(
        'view',
        'account_prefs',
        'account_update',
        'account_admin'
    );

I would like to create something like so, logically speaking

    $self->authen->even_more_protected_runmodes(
        'account_admin'
    );
--
Puneet Kishor