jifty::plugin::authentication::password::mixin::model::user(3pm) [debian man page]
Jifty::Plugin::Authentication::Password::Mixin::Model::UUser3Contributed Perl DocuJifty::Plugin::Authentication::Password::Mixin::Model::User(3pm) NAME
Jifty::Plugin::Authentication::Password::Mixin::Model::User - password plugin user mixin model SYNOPSIS
package MyApp::Model::User; use Jifty::DBI::Schema; use MyApp::Record schema { # custom column definitions }; use Jifty::Plugin::User::Mixin::Model::User; # name, email, email_confirmed use Jifty::Plugin::Authentication::Password::Mixin::Model::User; # ^^ password, auth_token DESCRIPTION
This mixin model is added to the application's account model for use with the password authentication plugin. This mixin should be used in combination with Jifty::Plugin::User::Mixin::Model::User. SCHEMA
This mixin adds the following columns to the model schema: auth_token This is a unique identifier used when confirming a user's email account and recovering a lost password. password This is the user's password. It will be stored in the database after being processed through Digest::MD5, so the password cannot be directly recovered from the database. METHODS
register_triggers Adds the triggers to the model this mixin is added to. password_is PASSWORD Checks if the user's password matches the provided PASSWORD. hashed_password_is HASH TOKEN Check if the given HASH is the result of hashing our (already salted and hashed) password with TOKEN. This can be used in cases where the pre-hashed password is sent during login as an additional security precaution (such as could be done via Javascript). validate_password Makes sure that the password is six characters long or longer, unless we have alternative means to authenticate. after_create This trigger is added to the account model. It automatically sends a notification email to the user for password confirmation. See Jifty::Plugin::Authentication::Password::Notification::ConfirmEmail. has_alternative_auth If your model supports other means of authentication, you should have this method return true, so the "password" field can optionally be null and authentication with password is disabled in that case. after_set_password Regenerate authentication tokens on password change regenerate_auth_token Generate a new auth_token for this user. This will invalidate any existing feed URLs. SEE ALSO
Jifty::Plugin::Authentication::Password, Jifty::Plugin::User::Mixin::Model LICENSE
Jifty is Copyright 2005-2010 Best Practical Solutions, LLC. Jifty is distributed under the same terms as Perl itself. perl v5.14.2 2010-12-10 Jifty::Plugin::Authentication::Password::Mixin::Model::User(3pm)
Check Out this Related Man Page
Jifty::Plugin::Authentication::Ldap(3pm) User Contributed Perl Documentation Jifty::Plugin::Authentication::Ldap(3pm) NAME
Jifty::Plugin::Authentication::Ldap - LDAP Authentication Plugin for Jifty DESCRIPTION
CAUTION: This plugin is experimental. This may be combined with the User Mixin to provide user accounts and ldap password authentication to your application. When a new user authenticates using this plugin, a new User object will be created automatically. The "name" and "email" fields will be automatically populated with LDAP data. in etc/config.yml Plugins: - Authentication::Ldap: LDAPhost: ldap.univ.fr # ldap server LDAPbase: ou=people,dc=..... # base ldap LDAPName: displayname # name to be displayed (cn givenname) LDAPMail: mailLocalAddress # email used optional LDAPuid: uid # optional Then create a user model jifty model --name=User and edit lib/App/Model/User.pm to look something like this: use strict; use warnings; package Venice::Model::User; use Jifty::DBI::Schema; use Venice::Record schema { # More app-specific user columns go here }; use Jifty::Plugin::User::Mixin::Model::User; use Jifty::Plugin::Authentication::Ldap::Mixin::Model::User; sub current_user_can { my $self = shift; my $type = shift; my %args = (@_); return 1 if $self->current_user->is_superuser; # all logged in users can read this table return 1 if ($type eq 'read' && $self->current_user->id); return $self->SUPER::current_user_can($type, @_); }; 1; ACTIONS This plugin will add the following actions to your application. For testing you can access these from the Admin plugin. Jifty::Plugin::Authentication::Ldap::Action::LDAPLogin The login path is "/ldaplogin". Jifty::Plugin::Authentication::Ldap::Action::LDAPLogout The logout path is "/ldaplogout". METHODS prereq_plugins This plugin depends on the User Mixin. Configuration The following options are available in your "config.yml" under the Authentication::Ldap Plugins section. "LDAPhost" Your LDAP server. "LDAPbase" [Mandatory] The base object where your users live. If "LDAPBindTemplate" is defined, "LDAPbase" is only used for user search. "LDAPBindTemplate" Alternatively to "LDAPbase", you can specify here the whole DN string, with %u as a placeholder for UID. "LDAPMail" The DN that your organization uses to store Email addresses. This gets copied into the User object as the "email". "LDAPName" The DN that your organization uses to store Real Name. This gets copied into the User object as the "name". "LDAPuid" The DN that your organization uses to store the user ID. Usually "cn". This gets copied into the User object as the "ldap_id". "LDAPOptions" These options get passed through to Net::LDAP. Default Options : debug => 0 onerror => undef async => 1 Other options you may want : timeout => 30 See "Net::LDAP" for a full list. You can overwrite the defaults selectively or not at all. "LDAPLoginHooks" Optional list of Perl functions that would be called after a successful login and after a corresponding User object is loaded and updated. The function is called with a hash array arguments, as follows: username => string user_object => User object ldap => Net::LDAP object infos => User attributes as returned by get_infos "LDAPFetchUserAttr" Optional list of LDAP user attributes fetched by get_infos. The values are returned to the login hook as arrayrefs. Example The following example authenticates the application against a MS Active Directory server for the domain MYDOMAIN. Each user entry has the attribute 'department' which is used for authorization. "LDAPbase" is used for user searching, and binding is done in a Microsoft way. The login hook checks if the user belongs to specific departments and updates the user record. ###### # etc/config.yml: Plugins: - User: {} - Authentication::Ldap: LDAPhost: ldap1.mydomain.com LDAPbase: 'DC=mydomain,DC=com' LDAPBindTemplate: 'MYDOMAIN\%u' LDAPName: displayName LDAPMail: mail LDAPuid: cn LDAPFetchUserAttr: - department LDAPLoginHooks: - 'Myapp::Model::User::ldap_login_hook' ###### # package Myapp::Model::User; sub ldap_login_hook { my %args = @_; my $u = $args{'user_object'}; my $department = $args{'infos'}->{'department'}[0]; my $editor = 0; if( $department eq 'NOC' or $department eq 'ENGINEERING' ) { $editor = 1; } $u->__set( column => 'is_content_editor', value => $editor ); } SEE ALSO
Jifty::Manual::AccessControl, Jifty::Plugin::User::Mixin::Model::User, Net::LDAP AUTHORS
Yves Agostini, <yvesago@cpan.org>, Stanislav Sinyagin and others authors from Jifty (maxbaker, clkao, sartak, alexmv) LICENSE
Copyright 2007-2010 Yves Agostini. All Rights Reserved. This program is free software and may be modified and distributed under the same terms as Perl itself. perl v5.10.1 2010-09-15 Jifty::Plugin::Authentication::Ldap(3pm)