On Tue, 11 Dec 2012 13:47:28 +0200
"Octavian Rasnita" <[email protected]> wrote:
> Hi,
>
> Maybe is a stupid suggestion that might not even be possible to do,
> but I think the syntax would look nicer if would be something like:
>
> get '/secret' => sub {
> requires_login;
> ...
> };
>
> get '/beer' => sub {
> requires_role 'BeerDrinker';
> ...
> };
Should be possible! I'm not a big fan of that approach as it seems a
little... manual; it feels only a step away from doing all the checking
yourself :)
My other objection is that it would be easy to forget to add the
appropriate requires_* keyword call to a route, and thus have that
route unprotected; one of the options I'd been planning with the
current attributes-based approach was a setting to require all routes
to have attributes set (and adding a new NoLoginNeeded one), so that
you could optionally protect yourself against accidentally forgetting
to protect newly-added routes.
Having said that, though, it would be quite easy that way.
--
David Precious ("bigpresh") <[email protected]>
http://www.preshweb.co.uk/ www.preshweb.co.uk/twitter
www.preshweb.co.uk/linkedin www.preshweb.co.uk/facebook
www.preshweb.co.uk/cpan www.preshweb.co.uk/github
_______________________________________________
dancer-users mailing list
[email protected]
http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
