[cgiapp] CGI::Application::Plugin::Authentication

Alex capfan at gmx.de
Thu Jan 21 12:23:07 EST 2010


Hi!

Regarding 4): I have a version here, that uses Templates for the login-box
via File::ShareDir's dist_file.
There is default template (the current one) located at
auto/CGI/Application/Plugin/Authentication and you can override the use of
this template by specifying your own template file. Either way, load_tmpl()
is called for a template file. I think this is what you indent by using the
cgiapp's load_tmpl() method.

I would be happy to provide this as patch, however, it is not ready to use,
as it was merely a test. It's based on the code of CAP::Authentication 0.12
and I don't have any tests for it atm. Another issue could propably be the
fact, that using a template will most likely influence the performance of a
script, because a template will be processed (including IO).

Well, long story short:
Here is the outdated source code of my test for customized login boxes:
http://alex.intergastro-service.de/test/capauth/CAP-Authentication-test-lib.
rar
Here is a html file with source code of CAP::Authentication.pm:
http://alex.intergastro-service.de/test/capauth/Authentication_pm.html


If there is any interest in this, please tell me. I will try again to use a
git repository to submit a patch against the current code in the repo.

HTH, Alex

-----Ursprüngliche Nachricht-----
Von: cgiapp-bounces at lists.openlib.org
[mailto:cgiapp-bounces at lists.openlib.org] Im Auftrag von NP Bamber
Gesendet: Donnerstag, 21. Januar 2010 14:41
An: cgiapp at lists.openlib.org
Betreff: [cgiapp] CGI::Application::Plugin::Authentication

I like CGI::Application::Plugin::Authentication but I have hit a number 
of issues with it. So I contacted Cees and he kindly agreed to make me a 
co-maintainer so I can progress the module faster.

My plans as they stand at the moment are:

1.) Please if you use this module in a way that is not covered by the 
current test suite please let me know and I will add it. This was a 
particular concern of Cees.

2.) There are two changes that have been submitted to github. I hope to 
get releases out that include these soon.

3.) Clean up the bugs listed in RT. I have prioritized those and started 
working through these. The test failures and security issues come high 
on my list.

4.) One particular issue for me is that I have had issues running the 
module under perl taint mode. I have traced this to the use of 
CGI::self_url in the login_box function. I have also noticed HTML 
validation issues with the login_box function. Now to me it seems that 
trying to fix login_box as a function that generates HTML is a bit of a 
loser's game. It breaks a backwards compatibility and every user who has 
an additional requirement adds to the complexity of the function. Of 
course the module provides several ways of setting the login form, but 
one of the nice things about the module is that it works out of the box. 
So what I would like to add is a smoother migration path away from out 
of the box behaviour. My preferred approach is to integrate this 
function more with the CGI::Application's "load_tmpl" function. That way 
the application can have a mini-template for the login box. I would be 
inclined to do the same for a "logout_button" function.

5.) I may introduce some Perl::Critic into the test suite. I usually 
find myself excluding most of the issues it brings up, but at least it 
makes one think about the code.





	<http://www.linkedin.com/e/sig/47231258/>


#####  CGI::Application community mailing list  ################
##                                                            ##
##  To unsubscribe, or change your message delivery options,  ##
##  visit:  http://lists.openlib.org/mailman/listinfo/cgiapp    ##
##                                                            ##
##  Web archive:   http://lists.openlib.org/pipermail/cgiapp/   ##
##  Wiki:          http://cgiapp.erlbaum.net/                 ##
##                                                            ##
################################################################
Eingehende eMail ist virenfrei.
Von AVG überprüft - www.avg.de 
Version: 9.0.730 / Virendatenbank: 271.1.1/2636 - Ausgabedatum: 01/21/10
08:34:00 



More information about the cgiapp mailing list