X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=lib%2FPlack%2FMiddleware%2FAuth%2FComplex.pm;h=53ff827fafbe76ea5ce1a9d4c325ccbd3f9e099b;hb=da36743f4b9e4935a22d0ac740a183a354050b67;hp=6ef8769f03c9075bc00c4f03000c5bcb042a23eb;hpb=1f7bfc2775dedc426518325a481c4b490a41c6e3;p=plack-middleware-auth-complex.git diff --git a/lib/Plack/Middleware/Auth/Complex.pm b/lib/Plack/Middleware/Auth/Complex.pm index 6ef8769..53ff827 100644 --- a/lib/Plack/Middleware/Auth/Complex.pm +++ b/lib/Plack/Middleware/Auth/Complex.pm @@ -4,7 +4,7 @@ use 5.014000; use strict; use warnings; -our $VERSION = '0.000_001'; +our $VERSION = '0.001001'; use parent qw/Plack::Middleware/; use re '/s'; @@ -32,6 +32,7 @@ sub default_opts {( cache_max_age => 5 * 60, token_max_age => 60 * 60, username_regex => qr/^\w{2,20}$/as, + invalid_username => 'Invalid username', register_url => '/action/register', passwd_url => '/action/passwd', request_reset_url => '/action/request-reset', @@ -43,7 +44,6 @@ sub new { my %self = $class->default_opts; %self = (%self, %$opts); my $self = bless \%self, $class; - $self->init; $self } @@ -59,12 +59,12 @@ sub init { sub create_user { my ($self, $parms) = @_; my %parms = $parms->flatten; - $self->{insert_sth}->execute($parms{username}, $self->hash_passphrase($parms{password}), $parms{email}) + $self->{insert_sth}->execute($parms{username}, $self->hash_passphrase($parms{password}), $parms{email}) or croak $self->{insert_sth}->errstr; } sub get_user { my ($self, $user) = @_; - $self->{select_sth}->execute($user) or croak $self->{sth}->errstr; + $self->{select_sth}->execute($user) or croak $self->{select_sth}->errstr; $self->{select_sth}->fetchrow_hashref } @@ -95,7 +95,7 @@ sub hash_passphrase { sub set_passphrase { my ($self, $username, $passphrase) = @_; - $self->{update_sth}->execute($self->hash_passphrase($passphrase), $username) + $self->{update_sth}->execute($self->hash_passphrase($passphrase), $username) or croak $self->{update_sth}->errstr; } sub make_reset_hmac { @@ -177,7 +177,7 @@ sub call_register { return $self->bad_request("Missing parameter $_") unless $parms{$_}; } - return $self->bad_request('Username must match ' . $self->{username_regex}) unless $parms{username} =~ $self->{username_regex}; + return $self->bad_request($self->{invalid_username}) unless $parms{username} =~ $self->{username_regex}; return $self->bad_request('Username already in use') if $self->get_user($parms{username}); return $self->bad_request('The two passwords do not match') unless $parms{password} eq $parms{confirm_password}; @@ -232,6 +232,12 @@ sub call_reset { sub call { my ($self, $env) = @_; + + unless ($self->{init_done}) { + $self->init; + $self->{init_done} = 1; + } + my $auth = $env->{HTTP_AUTHORIZATION}; if ($auth && $auth =~ /^Basic (.*)$/i) { my ($user, $pass) = split /:/, decode_base64($1), 2; @@ -386,6 +392,11 @@ Password reset token validity, in seconds. Defaults to 1 hour. Regular expression that matches valid usernames. Defaults to C. +=item invalid_username + +Error message returned when the username does not match +username_regex. Defaults to C<'Invalid username'> + =item register_url URL for registering. Defaults to C<'/action/register'>. @@ -420,7 +431,7 @@ Creates a new AuthComplex object. =item B -Called at the end of the constructor. The default implementation +Called when the first request is received. The default implementation connects to the database, calls C and prepares the SQL statements. @@ -486,19 +497,19 @@ Returns a 401 Authorization required response. =item B(I<$req>) -Handles the C endpoint. I<$req> is a Plack::Request object. +Handles the C endpoint. I<$req> is a Plack::Request object. =item B(I<$req>) -Handles the C endpoint. I<$req> is a Plack::Request object. +Handles the C endpoint. I<$req> is a Plack::Request object. =item B(I<$req>) -Handles the C endpoint. I<$req> is a Plack::Request object. +Handles the C endpoint. I<$req> is a Plack::Request object. =item B(I<$req>) -Handles the C endpoint. I<$req> is a Plack::Request object. +Handles the C endpoint. I<$req> is a Plack::Request object. =back