On Fri, Feb 16, 2018 at 05:41:36PM -0500, Brad Robertson wrote:
> Fri, Feb 16, 2018 at 01:46:26PM -0800, Luc Larochelle wrote:
> > but still, why would the basic_auth always return a true value ? I thought
> > about this and used private browser session to make sure it would not
> > happen.
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Mojolicious" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to [email protected].
> > To post to this group, send email to [email protected].
> > Visit this group at https://groups.google.com/group/mojolicious.
> > For more options, visit https://groups.google.com/d/optout.
>
> I've just started to look at this, and I don't believe basic_auth always
> returns a true value. Of course, I could be wrong about that.
>
> I'm not sure the following route will ever allow the 'under' to be
> evaluated:
>
> get '/' {
> plugin ('Directory', root=>"/my/path")->start;
> }
>
> If this route matches, the 'Directory' plugin is going to be loaded (or
> reloaded?), and it sets up a 'before_dispatch' hook which, if I am
> reading correctly, will proceed to render a page before your 'under'
> ever gets a chance to do this:
>
> $self->render(text => 'denied');
>
> I'm no expert at understanding hooks, so I am not sure this is correct.
>
> In any case, I've been tinkering with calling the 'Directory' plugin
> with a handler, per the documentation:
>
> use Text::Markdown qw{ markdown };
> use Path::Class;
> use Encode qw{ decode_utf8 };
>
> plugin('Directory', root => "/path/to/htdocs", handler => sub {
> my ($c, $path) = @_;
> if ( -f $path && $path =~ /\.(md|mkdn)$/ ) {
> my $text = file($path)->slurp;
> my $html = markdown( decode_utf8($text) );
> $c->render( inline => $html );
> }
> })->start;
>
> I tried moving the call to basic_auth() inside this handler, but it
> doesn't work, and this is probably because, once again, registering the
> 'Directory' plugin with the "plugin('Directory', root ..." statement
> sets up that 'before_dispatch' hook, which renders a page before the
> code evaluating the result of basic_auth() is exercised.
>
> So maybe the answer is to fiddle with some hooks so that the code using
> basic_auth() doesn't get preempted. Either that, or I am completely off
> base, and I'll freely admit it. It's been a while since I looked at any
> of this stuff.
>
> --
> Brad Robertson
> <[email protected]>
I believe this works:
use Mojolicious::Lite;
use Text::Markdown qw{ markdown };
use Path::Class;
use Encode qw{ decode_utf8 };
plugin 'basic_auth_plus';
app->hook(before_routes => sub {
my $c = shift;
my ($hash_ref, $auth_ok)
= $c->basic_auth(
"Realm Name" => {
username => 'username',
password => 'password'
}
);
return 0 unless $auth_ok;
});
plugin( 'Directory', root => "/my/path", handler => sub {
my ( $c, $path ) = @_;
if ( -f $path && $path =~ /\.(md|mkdn)$/ ) {
my $text = file($path)->slurp;
my $html = markdown( decode_utf8($text) );
$c->render( inline => $html );
}
})->start;
Hope this helps. If you want or need greater LDAP(S) support in
Mojolicious::Plugin::BasicAuthPlus, let me know, and perhaps I can look
into it.
--
Brad Robertson
<[email protected]>
--
You received this message because you are subscribed to the Google Groups
"Mojolicious" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/mojolicious.
For more options, visit https://groups.google.com/d/optout.
