AxKit::App::TABOO::Handler::Login - Straight mod_perl handler to authenticate a user in TABOO

AxKit-App-TABOO documentation Contained in the AxKit-App-TABOO distribution.

Index

Code Index:

NAME

Top

AxKit::App::TABOO::Handler::Login - Straight mod_perl handler to authenticate a user in TABOO

SYNOPSIS

Top

  # in httpd.conf
    PerlModule AxKit::App::TABOO::Handler::Login
  <Location /login>
     SetHandler perl-script
     PerlHandler AxKit::App::TABOO::Handler::Login
     PerlSendHeader On
  </Location>

  PerlSetVar TABOODataStore DB_File
  PerlSetVar TABOOArgs      "FileName => /tmp/taboodemo-session"

DESCRIPTION

Top

This is a straight mod_perl handler to do the authentication in TABOO. It has come into being after having struggled with Apache::AxKit::Plugin::Session and AxKit::XSP::BasicSession and will simply give the user a cookie if the password matches, and set the username and the authorisation level in the session. Not my preferred way of doing things, but it shall have to do for now.

The session datastore uses Session and can be configured like that module, see the above example.

TODO

Top

This does something as atrocious as returning a HTML document directly. I tried returning something to transform with XSLT, but will have to find a better solution. I tried with an AxKit Provider too, but that segfaulted on me.

I'd really like to get Apache::AxKit::Plugin::Session going.

SEE ALSO

Top

AxKit::App::TABOO::AddXSLParams::Session

FORMALITIES

Top

See AxKit::App::TABOO.

AxKit-App-TABOO documentation Contained in the AxKit-App-TABOO distribution. 
package AxKit::App::TABOO::Handler::Login;

# This is a simple mod_perl Handler to implement session tracking,
# just for the purpose of login users in.

use Apache::Constants qw(:common);
use Apache;
use Apache::Request;
#use Apache::Cookie;
use Session;
use AxKit::App::TABOO::Data::User::Contributor;
use AxKit::App::TABOO;
use strict;
use warnings;
use Carp;


our $VERSION = '0.2';

sub handler {
  my $r = shift;

  my %session_config = AxKit::App::TABOO::session_config($r);

  my $cookie = $r->header_in('Cookie');
  if (defined($cookie) && $cookie =~ m/VID=(\w*)/) {
    # so, the user is logged in allready. Kill that session, then
    my $session = new Session $1, %session_config;
    $session->delete if defined $session;
  }
  my $outtext = '<html><head>';
  my $req = Apache::Request->instance($r);
  my $user = AxKit::App::TABOO::Data::User::Contributor->new();
  my $authlevel = $user->load_authlevel($req->param('username'));
  if ($authlevel) { # So, the user exists
    my $encrypted = $user->load_passwd($req->param('username'));
    if ($req->param('clear') && $encrypted && (crypt($req->param('clear'),$encrypted) eq $encrypted)) {
      my $redirect = $r->header_in("Referer") || '/';
      my $session = new Session undef, %session_config;
      $r->header_out("Set-Cookie" => 'VID='.$session->session_id());
      $session->set(authlevel => $authlevel);
      $session->set(loggedin => $req->param('username'));
      $outtext .= '<meta http-equiv="refresh" content="1;url='.$redirect.'">';
      $outtext .= '<title>Log in</title></head><body><h1>Logged in</h1><p>Password is valid, go to <a href="/">main page</a>.</p>';
    } else {
      $outtext .= '<title>Log in</title></head><body><h1>Log in</h1><p>Password is invalid, go back and try again!</p>';
    }
  } else {
    $outtext .= '<title>Log in</title></head><body><h1>Log in</h1><p>Username was not found, go back and try again!</p>';
  }
  $r->send_http_header('text/html');
  $r->print($outtext."\n</body></html>\n");
  return OK;
}

1;
__END__