line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Yancy::Plugin::Auth::Role::RequireUser; |
2
|
|
|
|
|
|
|
our $VERSION = '1.086'; |
3
|
|
|
|
|
|
|
# ABSTRACT: Add authorization based on user attributes |
4
|
|
|
|
|
|
|
|
5
|
|
|
|
|
|
|
#pod =head1 SYNOPSIS |
6
|
|
|
|
|
|
|
#pod |
7
|
|
|
|
|
|
|
#pod use Mojolicious::Lite; |
8
|
|
|
|
|
|
|
#pod plugin Yancy => ...; |
9
|
|
|
|
|
|
|
#pod |
10
|
|
|
|
|
|
|
#pod # Require any user |
11
|
|
|
|
|
|
|
#pod my $require_user = app->yancy->auth->require_user; |
12
|
|
|
|
|
|
|
#pod my $user = app->routes->under( '/user', $require_user ); |
13
|
|
|
|
|
|
|
#pod |
14
|
|
|
|
|
|
|
#pod # Require a user with the `is_admin` field set to true |
15
|
|
|
|
|
|
|
#pod my $require_admin = app->yancy->auth->require_user( { is_admin => 1 } ); |
16
|
|
|
|
|
|
|
#pod my $admin = app->routes->under( '/admin', $require_admin ); |
17
|
|
|
|
|
|
|
#pod |
18
|
|
|
|
|
|
|
#pod =head1 DESCRIPTION |
19
|
|
|
|
|
|
|
#pod |
20
|
|
|
|
|
|
|
#pod B This module is C and its API may change before |
21
|
|
|
|
|
|
|
#pod Yancy v2.000 is released. |
22
|
|
|
|
|
|
|
#pod |
23
|
|
|
|
|
|
|
#pod This plugin adds a simple authorization method to your site. All default |
24
|
|
|
|
|
|
|
#pod Yancy auth plugins use this role to provide the C |
25
|
|
|
|
|
|
|
#pod helper. |
26
|
|
|
|
|
|
|
#pod |
27
|
|
|
|
|
|
|
#pod =head1 SEE ALSO |
28
|
|
|
|
|
|
|
#pod |
29
|
|
|
|
|
|
|
#pod L |
30
|
|
|
|
|
|
|
#pod |
31
|
|
|
|
|
|
|
#pod =cut |
32
|
|
|
|
|
|
|
|
33
|
7
|
|
|
7
|
|
4682
|
use Mojo::Base '-role'; |
|
7
|
|
|
|
|
20
|
|
|
7
|
|
|
|
|
65
|
|
34
|
7
|
|
|
7
|
|
3441
|
use Yancy::Util qw( currym match ); |
|
7
|
|
|
|
|
22
|
|
|
7
|
|
|
|
|
2536
|
|
35
|
|
|
|
|
|
|
|
36
|
|
|
|
|
|
|
#pod =method require_user |
37
|
|
|
|
|
|
|
#pod |
38
|
|
|
|
|
|
|
#pod my $subref = $c->yancy->auth->require_user( \%match ); |
39
|
|
|
|
|
|
|
#pod |
40
|
|
|
|
|
|
|
#pod Build a callback to validate there is a logged-in user, and optionally |
41
|
|
|
|
|
|
|
#pod that the current user has certain fields set. C<\%match> is optional and |
42
|
|
|
|
|
|
|
#pod is a L matched |
43
|
|
|
|
|
|
|
#pod with L. |
44
|
|
|
|
|
|
|
#pod |
45
|
|
|
|
|
|
|
#pod # Ensure the user is logged-in |
46
|
|
|
|
|
|
|
#pod my $user_cb = $app->yancy->auth->require_user; |
47
|
|
|
|
|
|
|
#pod my $user_only = $app->routes->under( $user_cb ); |
48
|
|
|
|
|
|
|
#pod |
49
|
|
|
|
|
|
|
#pod # Ensure the user's "is_admin" field is set to 1 |
50
|
|
|
|
|
|
|
#pod my $admin_cb = $app->yancy->auth->require_user( { is_admin => 1 } ); |
51
|
|
|
|
|
|
|
#pod my $admin_only = $app->routes->under( $admin_cb ); |
52
|
|
|
|
|
|
|
#pod |
53
|
|
|
|
|
|
|
#pod =cut |
54
|
|
|
|
|
|
|
|
55
|
|
|
|
|
|
|
sub require_user { |
56
|
9
|
|
|
9
|
1
|
27
|
my ( $self, $c, $where ) = @_; |
57
|
|
|
|
|
|
|
return sub { |
58
|
16
|
|
|
16
|
|
201999
|
my ( $c ) = @_; |
59
|
|
|
|
|
|
|
#; say "Are you authorized? " . $c->yancy->auth->current_user; |
60
|
16
|
|
|
|
|
62
|
my $user = $c->yancy->auth->current_user; |
61
|
|
|
|
|
|
|
# If where isn't specified, or it's a plain scalar truth value |
62
|
16
|
100
|
100
|
|
|
126
|
if ( ( !$where || ( !ref $where && $where ) ) && $user ) { |
|
|
|
100
|
|
|
|
|
63
|
4
|
|
|
|
|
23
|
return 1; |
64
|
|
|
|
|
|
|
} |
65
|
12
|
100
|
100
|
|
|
54
|
if ( $where && match( $where, $user ) ) { |
66
|
3
|
|
|
|
|
17
|
return 1; |
67
|
|
|
|
|
|
|
} |
68
|
|
|
|
|
|
|
# XXX: Create `reply->unauthorized` helper |
69
|
|
|
|
|
|
|
$c->stash( |
70
|
9
|
|
|
|
|
50
|
template => 'yancy/auth/unauthorized', |
71
|
|
|
|
|
|
|
status => 401, |
72
|
|
|
|
|
|
|
logout_route => $self->logout_route->render, |
73
|
|
|
|
|
|
|
); |
74
|
9
|
|
|
|
|
1342
|
$c->respond_to( |
75
|
|
|
|
|
|
|
json => {}, |
76
|
|
|
|
|
|
|
html => {}, |
77
|
|
|
|
|
|
|
); |
78
|
9
|
|
|
|
|
79258
|
return undef; |
79
|
9
|
|
|
|
|
65
|
}; |
80
|
|
|
|
|
|
|
} |
81
|
|
|
|
|
|
|
|
82
|
|
|
|
|
|
|
around register => sub { |
83
|
|
|
|
|
|
|
my ( $orig, $self, $app, $config ) = @_; |
84
|
|
|
|
|
|
|
$app->helper( |
85
|
|
|
|
|
|
|
'yancy.auth.require_user' => currym( $self, 'require_user' ), |
86
|
|
|
|
|
|
|
); |
87
|
|
|
|
|
|
|
$self->$orig( $app, $config ); |
88
|
|
|
|
|
|
|
}; |
89
|
|
|
|
|
|
|
|
90
|
|
|
|
|
|
|
1; |
91
|
|
|
|
|
|
|
|
92
|
|
|
|
|
|
|
__END__ |