perl - Mojolicious, redirects, session and trying to create an authentication system -


i'm trying away basic auth in mojolicious application. able detect absence of session key , redirect login page. login page posts application , authenticate end process. end process returning success , mojo app sets session thus:

$self->session( user => $name, groups => $groups );

in debugging this, $name , $group both defined , valid. wish redirect "protected" space of app. redirect lands in right place fails detect $self->session('user') (is undef when debugging) end redirecting login repeatedly.

i'll include snippets of setup below. missing?

myapp.pm

my $r = $self->routes; $r->route('/verify')->via('post')->to('util-auth#verify')->name('verify'); $r->route('/login')->via('get')->to('util-auth#login')->name('login'); $app = $r->under('/myapp')->to('util-auth#check');  $app->route('/foo')->via('get')->to('controller-api#foo')->name('foo');

myapp::util::auth

sub verify {     $self = shift;     $name = $self->param('username');     $pass = $self->param('password');     $dest = "/myapp/foo"; # in protected area      if ( $self->authenticate($name, $pass) ) {         $groups = $self->get_groups($name);         $self->session(             user => $name,             groups => $groups,         );     }     else {         $self->flash( message => "invalid login..." );     }     $self->redirect_to($dest); }  sub login {     $self = shift;     $self->render();    # renders login form }  sub check {     $self = shift;     $user = $self->session('user');     return 1 if defined $user;     $self->redirect_to('/login');     return 0; }

i having similar problem , ended putting these in stash. think session string based, because cookie set session info.


-

Popular posts from this blog