Am 13.11.2017 18:41, schrieb John McDermott, CPLP:
On 11/12/2017 9:09 AM, perlduck wrote:
Is Dancer2::Plugin::Auth::Extensible even the right place (base) for
such a plugin? I don't see why not. Aside from the potential security
issues noted, see
https://github.com/PerlDancer/Dancer2-Plugin-Auth-Extensible
and create a new provider.
--john
Well, as I see it, Dancer2::Plugin::Auth::Extensible requires all its
providers to authenticate with uid/pwd. If a route "requires_login" and
the "logged_in_user" isn't set in the session, then the
Dancer2::Plugin::Auth::Extensible wants to redirect to the /login route.
I already built my own Provider (based on Provider::Database) and
overwrote (using "around") the "authenticate_user" method so it returns
"true" when the uid is set in the environment. But still, DPAE shows the
login page.
When I press SUBMIT, then my "authenticate_user" method is called and
returns true (ignoring the POST parameters).
What I really want is: If a route "requires_login" and "logged_in_user"
is not yet set, then watch out for the SSL environment variables
(instead of redirecting to the login page). The more I explain, the more
I think DPAE is the wrong place for my purpose. Kind of rubber-ducking.
;-)
_______________________________________________
dancer-users mailing list
dancer-users@dancer.pm
http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
