Provided by: libcatalyst-plugin-authentication-perl_0.10023-4_all bug

NAME

       Catalyst::Authentication::Realm::Progressive - Authenticate against multiple realms

SYNOPSIS

       This Realm allows an application to use a single authenticate() call during which multiple
       realms are used and tried incrementally until one performs a successful authentication is
       accomplished.

       A simple use case is a Temporary Password that looks and acts exactly as a regular
       password. Without changing the authentication code, you can authenticate against multiple
       realms.

       Another use might be to support a legacy website authentication system, trying the current
       auth system first, and upon failure, attempting authentication against the legacy system.

   EXAMPLE
       If your application has multiple realms to authenticate, such as a temporary password
       realm and a normal realm, you can configure the progressive realm as the default, and
       configure it to iteratively call the temporary realm and then the normal realm.

        __PACKAGE__->config(
           'Plugin::Authentication' => {
               default_realm => 'progressive',
               realms => {
                   progressive => {
                       class => 'Progressive',
                       realms => [ 'temp', 'normal' ],
                       # Modify the authinfo passed into authenticate by merging
                       # these hashes into the realm's authenticate call:
                       authinfo_munge => {
                           normal => { 'type' => 'normal' },
                           temp   => { 'type' => 'temporary' },
                       }
                   },
                   normal => {
                       credential => {
                           class => 'Password',
                           password_field => 'secret',
                           password_type  => 'hashed',
                           password_hash_type => 'SHA-1',
                       },
                       store => {
                           class      => 'DBIx::Class',
                           user_model => 'Schema::Person::Identity',
                           id_field   => 'id',
                       }
                   },
                   temp => {
                       credential => {
                           class => 'Password',
                           password_field => 'secret',
                           password_type  => 'hashed',
                           password_hash_type => 'SHA-1',
                       },
                       store => {
                           class    => 'DBIx::Class',
                           user_model => 'Schema::Person::Identity',
                           id_field   => 'id',
                       }
                   },
               }
           }
        );

       Then, in your controller code, to attempt authentication against both realms you just have
       to do a simple authenticate call:

        if ( $c->authenticate({ id => $username, password => $password }) ) {
            if ( $c->user->type eq 'temporary' ) {
                # Force user to change password
            }
        }

CONFIGURATION

       realms
           An array reference consisting of each realm to attempt authentication against, in the
           order listed.  If the realm does not exist, calling authenticate will die.

       authinfo_munge
           A hash reference keyed by realm names, with values being hash references to merge into
           the authinfo call that is subsequently passed into the realm's authenticate method.
           This is useful if your store uses the same class for each realm, separated by some
           other token (in the EXAMPLE authinfo_mungesection, the 'realm' is a column on
           "Schema::Person::Identity" that will be either 'temp' or 'local', to ensure the query
           to fetch the user finds the right Identity record for that realm.

METHODS

   new ($realmname, $config, $app)
       Constructs an instance of this realm.

   authenticate
       This method iteratively calls each realm listed in the "realms" configuration key.  It
       returns after the first successful authentication call is done.

AUTHORS

       J. Shirley "<jshirley@cpan.org>"

       Jay Kuri "<jayk@cpan.org>"

COPYRIGHT & LICENSE

       Copyright (c) 2008 the aforementioned authors. All rights reserved. This program is free
       software; you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.36.0                                2023Catalyst::Authentication::Realm::Progressive(3pm)