File Coverage

blib/lib/Mojolicious/Plugin/RoutesAuthDBI.pm

Criterion	Covered	Total	%
statement	18	96	18.7
branch	0	52	0.0
condition	0	104	0.0
subroutine	6	12	50.0
pod	1	4	25.0
total	25	268	9.3

line	stmt	bran	cond	sub	pod	time	code
1							package Mojolicious::Plugin::RoutesAuthDBI;
2	1			1		68895	use Mojo::Base 'Mojolicious::Plugin::Authentication';
	1					196559
	1					9
3	1			1		3454	use Mojolicious::Plugin::RoutesAuthDBI::Util qw(load_class);
	1					4
	1					70
4	1			1		8	use Mojo::Util qw(hmac_sha1_sum);
	1					3
	1					45
5	1			1		657	use Hash::Merge qw( merge );
	1					9983
	1					79
6	1			1		15	use Scalar::Util 'weaken';
	1					3
	1					49
7
8	1			1		7	use constant PKG => __PACKAGE__;
	1					3
	1					3427
9
10							has [qw(app dbh conf)];
11
12							has default => sub {
13							my $self = shift;
14							require Mojolicious::Plugin::RoutesAuthDBI::Schema;
15							{
16							auth => {
17							stash_key => PKG."__user__",
18							current_user_fn => 'auth_user',# helper
19							load_user => \&load_user,
20							validate_user => \&validate_user,
21							},
22
23							access => {
24							namespace => PKG,
25							module => 'Access',
26							fail_auth_cb => sub {
27							shift->render(status => 401, format=>'txt', text=>"Please sign in.\n");
28							},
29							fail_access_cb => sub {
30							shift->render(status => 403, format=>'txt', text=>"You don`t have access on this route (url, action).\n");
31							},
32							import => [qw(load_user validate_user)],
33							},
34
35							admin => {
36							namespace => PKG,
37							controller => 'Admin',
38							prefix => lc($self->conf->{admin}{controller} \|\| 'admin'),
39							trust => hmac_sha1_sum('admin', $self->app->secrets->[0]),
40							role_admin => 'administrators',
41							},
42
43							oauth => {
44							namespace => PKG,
45							controller => 'OAuth',
46							fail_auth_cb => sub {shift->render(format=>'txt', text=>"@_")},
47							},
48
49							template => $Mojolicious::Plugin::RoutesAuthDBI::Schema::defaults,
50
51							model_namespace => PKG.'::Model',
52
53							guest => {# from Mojolicious::Plugin::Authentication
54							#~ autoload_user => 1,
55							session_key => 'guest_data',
56							stash_key => PKG."__guest__",
57							#~ current_user_fn => 'current_guest',# helper
58							#~ load_user => \&load_guest,
59							#~ validate_user => not need
60							#~ fail_render => not need
61							#######end Mojolicious::Plugin::Authentication conf#######
62							namespace => PKG,
63							module => 'Guest',
64							#~ import => [qw(load_guest)],
65							},
66
67							log=>{
68							namespace => PKG,
69							module => 'Log',
70							disabled=>0,
71							},
72							};
73							};# end defaults
74
75							has merge_conf => sub {#hashref
76							my $self = shift;
77							merge($self->conf, $self->default);
78							};
79
80							has access => sub {# object
81							my $self = shift;
82							weaken $self;
83							my $conf = $self->merge_conf->{'access'};
84							@{$self->merge_conf->{template}{tables}}{keys %{$conf->{tables}}} = values %{$conf->{tables}}
85							if $conf->{tables};
86							my $class = load_class($conf);
87							$class->import( @{ $conf->{import} });
88							$class->new(app=>$self->app, plugin=>$self,);
89							}, weak => 1;
90
91							has admin => sub {# object
92							my $self = shift;
93							my $conf = $self->merge_conf->{'admin'};
94							@{$self->merge_conf->{template}{tables}}{keys %{$conf->{tables}}} = values %{$conf->{tables}}
95							if $conf->{tables};
96							load_class($conf)->init(%$conf, app=>$self->app, plugin=>$self,);
97							}, weak => 1;
98
99							has oauth => sub {
100							my $self = shift;
101							my $conf = $self->merge_conf->{'oauth'};
102							@{$self->merge_conf->{template}{tables}}{keys %{$conf->{tables}}} = values %{$conf->{tables}}
103							if $conf->{tables};
104							load_class($conf)->init(%$conf, app=>$self->app, plugin=>$self, model=>$self->model($conf->{controller}),);
105							}, weak => 1;
106
107							has guest => sub {# object
108							my $self = shift;
109							my $conf = $self->merge_conf->{'guest'};
110							@{$self->merge_conf->{template}{tables}}{keys %{$conf->{tables}}} = values %{$conf->{tables}}
111							if $conf->{tables};
112
113							$self->merge_conf->{template}{tables}{guests} = $conf->{table}
114							if $conf->{table};
115
116							my $class = load_class($conf);
117							$class->new( %$conf, app=>$self->app, plugin=>$self, model=>$self->model($conf->{module}), );
118							}, weak => 1;
119
120							has log => sub {# object
121							my $self = shift;
122							my $conf = $self->merge_conf->{'log'};
123
124							@{$self->merge_conf->{template}{tables}}{keys %{$conf->{tables}}} = values %{$conf->{tables}}
125							if $conf->{tables};
126
127							$self->merge_conf->{template}{tables}{logs} = $conf->{table}
128							if $conf->{table};
129
130							my $class = load_class($conf);
131							$class->new( %$conf, app=>$self->app, plugin=>$self, model=>$self->model($conf->{module}), )
132							unless $conf->{disabled};
133							}, weak => 1;
134
135
136							sub register {
137	0			0	1		my $self = shift;
138	0						$self->app(shift);
139	0						$self->conf(shift); # global
140
141	0		0				$self->dbh($self->conf->{dbh} \|\| $self->app->dbh);
142	0	0					$self->dbh($self->dbh->($self->app))
143							if ref($self->dbh) eq 'CODE';
144	0	0					die "Plugin must work with dbh, see SYNOPSIS" unless $self->dbh;
145
146							# init base model
147	0						load_class($self->merge_conf->{model_namespace}."::Base")->singleton(dbh=>$self->dbh, template_vars=>$self->merge_conf->{template}, mt=>{tag_start=>'{%', tag_end=>'%}'});
148
149	0						my $access = $self->access;
150
151							die "Plugin [Authentication] already loaded"
152	0	0					if $self->app->renderer->helpers->{'authenticate'};
153
154	0						$self->SUPER::register($self->app, $self->merge_conf->{auth});
155	0						$self->app->plugin('HeaderCondition');# routes host_re
156
157	0						weaken $self;
158	0			0			$self->app->routes->add_condition(access => sub {$self->cond_access(@_)});
	0
159	0						$access->apply_ns();
160	0						$access->apply_route($_) for @{ $access->routes };
	0
161
162	0	0					if ($self->conf->{oauth}) {
163	0						my $oauth = $self->oauth;
164	0						$access->apply_route($_) for $oauth->_routes;
165							}
166
167	0	0	0				if ($self->conf->{admin} && ref($self->conf->{admin} eq 'HASH') && keys(%{$self->conf->{admin}})) {
	0		0
168	0						my $admin = $self->admin;
169	0						$access->apply_route($_) for $admin->self_routes;
170							}
171
172							$self->guest
173	0	0					if $self->conf->{guest};
174
175							$self->log
176	0	0					if $self->conf->{log};
177
178	0						weaken $access;
179	0			0			$self->app->helper('access', sub {$access});
	0
180
181	0						return $self, $access;
182
183							}
184
185							sub cond_access {# add_condition
186	0			0	0		my $self= shift;
187	0						my ($route, $c, $captures, $args) = @_;# $args - это маршрут-хэш из запроса БД или хэш-конфиг из кода
188	0						$route->{(PKG)}{route} = $args;# может пригодиться: $c->match->endpoint->{'Mojolicious::Plugin::RoutesAuthDBI'}...
189	0						my $conf = $self->merge_conf;
190	0						my $app = $c->app;
191	0						my $access = $self->access;
192							#~ $app->log->debug($c->dumper($route));#$route->pattern->defaults
193
194	0						my $auth_helper = $conf->{auth}{current_user_fn};
195	0						my $u = $c->$auth_helper;
196	0						my $fail_auth_cb = $conf->{access}{fail_auth_cb};
197
198	0	0					if (ref $args eq 'CODE') {
199	0	0	0				$args->($u, @_)
			0
200							or $self->deny_log($route, $args, $u, $c)
201							and $c->$fail_auth_cb()
202							and return undef;
203	0						$app->log->debug(sprintf(qq[Access allow [%s] by callback condition],
204							$route->pattern->unparsed,
205							));
206	0						return 0x01;
207							}
208
209							$app->log->debug(
210							sprintf(qq[Access allow [%s] for none {auth} and none {role} and none {guest}], $route->pattern->unparsed)
211							)
212							and return 1 # не проверяем доступ
213	0	0	0				unless $args->{auth} \|\| $args->{role} \|\| $args->{guest};
			0
			0
214
215
216	0	0					if ($args->{guest}) {# && $args->{auth} =~ m'\bguest\b'i
217	0	0	0				$app->log->debug(sprintf(qq[Access allow [%s] for {guest}],
218							$route->pattern->unparsed,
219							))
220							and return 1
221							if $self->guest->is_guest($c);
222							}
223
224							# не авторизовался
225							$self->deny_log($route, $args, $u, $c)
226							and $c->$fail_auth_cb()
227							and return undef
228	0	0	0				unless $u && $u->{id};
			0
			0
229
230							# допустить если {auth=>'only'}
231							$app->log->debug(sprintf(qq[Access allow [%s] for {auth}=~'only'],
232							$route->pattern->unparsed,
233							))
234							and return 1
235	0	0	0				if $args->{auth} && $args->{auth} =~ m'\bonly\b'i;
			0
236
237	0						my $id2 = [$u->{id}, map($_->{id}, grep !$_->{disable},@{$u->roles})];
	0
238	0						my $id1 = [grep $_, @$args{qw(id route_id action_id controller_id namespace_id)}];
239
240							# explicit acces to route
241	0	0	0				scalar @$id1
			0
242							&& $access->access_explicit($id1, $id2)
243							&& $app->log->debug(sprintf "Access allow [%s] for roles=[%s] joined id1=%s; args=[%s]; defaults=%s",
244							$route->pattern->unparsed,
245							$c->dumper($id2) =~ s/\s+//gr,
246							$c->dumper($id1) =~ s/\s+//gr,
247							$c->dumper($args) =~ s/\s+//gr,
248							$c->dumper($route->pattern->defaults) =~ s/\s+//gr,
249							)
250							&& return 1;
251
252							# Access to non db route by role
253							$args->{role}
254							&& $access->access_role($args->{role}, $id2)
255							&& $app->log->debug(sprintf "Access allow [%s] by role [%s]",
256							$route->pattern->unparsed,
257							$args->{role},
258							)
259	0	0	0				&& return 1;
			0
260
261							# implicit access to non db routes
262	0		0				my $controller = $args->{controller} \|\| $route->pattern->defaults->{controller} && ucfirst(lc($route->pattern->defaults->{controller}));
263	0		0				my $namespace = $args->{namespace} \|\| $route->pattern->defaults->{namespace};
264	0	0	0				if ($controller && !$namespace) {
265	0		0				(load_class(namespace=>$_, controller=>$controller) and ($namespace = $_) and last) for @{ $app->routes->namespaces };
	0		0
266							#~ warn "FOUND CONTROLLER[$controller] in NAMESPACE: $namespace";
267							}
268
269	0						my $fail_access_cb = $conf->{access}{fail_access_cb};
270
271	0	0	0				$self->deny_log($route, $args, $u, $c)
			0
			0
272							and $c->$fail_access_cb()
273							and return undef
274							unless $controller && $namespace;# failed load class
275
276	0	0	0				$access->access_namespace($namespace, $id2)
277							&& $app->log->debug(sprintf "Access allow [%s] for roles=[%s] by namespace=[%s]; args=[%s]; defaults=[%s]",
278							$route->pattern->unparsed,
279							$c->dumper($id2) =~ s/\s+//gr,
280							$namespace,
281							$c->dumper($args) =~ s/\s+//gr,
282							$c->dumper($route->pattern->defaults) =~ s/\s+//gr,
283							)
284							&& return 1;
285
286	0	0	0				$access->access_controller($namespace, $controller, $id2)
287							&& $app->log->debug(sprintf "Access allow [%s] for roles=[%s] by namespace=[%s] and controller=[%s]; args=[%s]; defaults=[%s]",
288							$route->pattern->unparsed,
289							$c->dumper($id2) =~ s/\s+//gr,
290							$namespace, $controller,
291							$c->dumper($args) =~ s/\s+//gr,
292							$c->dumper($route->pattern->defaults) =~ s/\s+//gr,
293							)
294							&& return 1;
295
296							# еще раз контроллер, который тут без namespace и в базе без namespace ------> доступ из любого места
297							$args->{namespace} \|\| $route->pattern->defaults->{namespace}
298	0	0	0				\|\| $access->access_controller(undef, $controller, $id2)
			0
			0
299							&& $app->log->debug(sprintf "Access allow [%s] for roles=[%s] by controller=[%s] without namespace on db; args=[%s]; defaults=[%s]",
300							$route->pattern->unparsed,
301							$c->dumper($id2) =~ s/\s+//gr,
302							$controller,
303							$c->dumper($args) =~ s/\s+//gr,
304							$c->dumper($route->pattern->defaults) =~ s/\s+//gr,
305							)
306							&& return 1;
307
308							my $action = $args->{action} \|\| $route->pattern->defaults->{action}
309	0	0	0				or $self->deny_log($route, $args, $u, $c)
			0
			0
310							and $c->$fail_access_cb()
311							and return undef;
312
313	0	0	0				$access->access_action($namespace, $controller, $action, $id2)
314							&& $app->log->debug(sprintf "Access allow [%s] for roles=[%s] by namespace=[%s] and controller=[%s] and action=[%s]; args=[%s]; defaults=[%s]",
315							$route->pattern->unparsed,
316							$c->dumper($id2) =~ s/\s+//gr,
317							$namespace , $controller, $action,
318							$c->dumper($args) =~ s/\s+//gr,
319							$c->dumper($route->pattern->defaults) =~ s/\s+//gr,
320							)
321							&& return 1;
322
323							# еще раз контроллер, который тут без namespace и в базе без namespace ------> доступ из любого места
324							$args->{namespace} \|\| $route->pattern->defaults->{namespace}
325	0	0	0				&& $access->access_action(undef, $controller, $action, $id2)
			0
			0
326							&& $app->log->debug(sprintf "Access allow [%s] for roles=[%s] by (namespace=[any]) controller=[%s] and action=[%s]; args=[%s]; defaults=[%s]",
327							$route->pattern->unparsed,
328							$c->dumper($id2) =~ s/\s+//gr,
329							$controller, $action,
330							$c->dumper($args) =~ s/\s+//gr,
331							$c->dumper($route->pattern->defaults) =~ s/\s+//gr,
332							)
333							&& return 1;
334
335	0						$self->deny_log($route, $args, $u, $c);
336	0						$c->$fail_access_cb();
337	0						return undef;
338							}
339
340							sub deny_log {
341	0			0	0		my $self = shift;
342	0						my ($route, $args, $u, $c) = @_;
343	0						my $app = $self->app;
344							$app->log->debug(sprintf "Access deny [%s] for profile id=[%s]; args=[%s]; defaults=[%s]",
345							$route->pattern->unparsed,
346	0	0					$u ? $u->{id} : 'non auth',
347							$app->dumper($args) =~ s/\s+//gr,
348							$app->dumper($route->pattern->defaults) =~ s/\s+//gr,
349							);
350							}
351
352							sub model {
353	0			0	0		my ($self, $name) = @_;
354	0						my $ns = $self->merge_conf->{'model_namespace'};
355	0	0					my $class = load_class(namespace => $ns, module=> $name)
356							or die "Model module [$name] not found at namespace [$ns] or has errors";
357
358	0						weaken $self;
359							#~ weaken $self->{app};
360	0						$class->new(app=>$self->app, plugin=>$self); # синглетоны в общем
361
362							};
363
364							our $VERSION = '0.880';
365
366							=pod
367
368							=encoding utf8
369
370							=head1 Доброго всем
371
372							¡ ¡ ¡ ALL GLORY TO GLORIA ! ! !
373
374							=head1 Mojolicious::Plugin::RoutesAuthDBI
375
376							Plugin makes an auth operations throught the plugin L and OAuth2 by L.
377
378							=head1 VERSION
379
380							0.880
381
382							=head1 NAME
383
384							Mojolicious::Plugin::RoutesAuthDBI - from DBI tables does generate app routes, make authentication and make restrict access (authorization).
385
386							=head1 DB DESIGN DIAGRAM
387
388							First of all you will see L or L
389
390							=head1 SYNOPSIS
391
392							$app->plugin('RoutesAuthDBI',
393							dbh => $app->dbh,
394							auth => {...},
395							access => {...},
396							admin => {...},
397							oauth => {...},
398							guest => {...},
399							template => {...},
400							model_namespace=>...,
401							);
402
403
404							=head2 PLUGIN OPTIONS
405
406							One option C is mandatory, all other - optional.
407
408							=head3 dbh
409
410							Handler DBI connection where are tables: controllers, actions, routes, logins, profiles, roles, refs and oauth.
411
412							dbh => $app->dbh,
413							# or
414							dbh => sub { shift->dbh },
415
416							=head3 auth
417
418							Hashref options pass to base plugin L.
419							By default the option:
420
421							current_user_fn => 'auth_user',
422							stash_key => "Mojolicious::Plugin::RoutesAuthDBI__user__",
423
424							The options:
425
426							load_user => \&load_user,
427							validate_user => \&validate_user,
428
429							are imported from package access module. See below.
430
431							=head3 access
432
433							Hashref options for special access module. This module has subs/methods for manage auth and access operations, has appling routes from DBI table. By default plugin will load the builtin module:
434
435							access => {
436							module => 'Access',
437							namespace => 'Mojolicious::Plugin::RoutesAuthDBI',
438							...,
439							},
440
441
442							You might define your own module by passing options:
443
444							access => {
445							module => 'Foo',
446							namespace => 'Bar::Baz',
447							...,
448							},
449
450							See L for detail options list.
451
452							=head3 admin
453
454							Hashref options for admin controller for actions on SQL tables routes, roles, profiles, logins. By default the builtin module:
455
456							admin => {
457							controller => 'Admin',
458							namespace => 'Mojolicious::Plugin::RoutesAuthDBI',
459							...,
460							},
461
462
463							You might define your own controller by passing options:
464
465							admin => {
466							controller => 'Foo',
467							namespace => 'Bar::Baz',
468							...,
469							},
470
471							See L for detail options list.
472
473							=head3 oauth
474
475							Hashref options for oauth controller. By default the builtin module:
476
477							oauth => {
478							controller => 'OAuth',
479							namespace => 'Mojolicious::Plugin::RoutesAuthDBI',
480							...,
481							},
482
483
484							You might define your own controller by passing options:
485
486							oauth => {
487							controller => 'Foo::Bar::Baz',
488							...,
489							},
490
491							See L for detail options list.
492
493							=head3 guest
494
495							Hashref options for guest module. Defaults are:
496
497							guest => {
498							namespace => 'Mojolicious::Plugin::RoutesAuthDBI',
499							module => 'Guest',
500							session_key => 'guest_data',
501							stash_key => "Mojolicious::Plugin::RoutesAuthDBI__guest__",
502
503							},
504
505							Disable guest module usage:
506
507							guest => undef, # or none in config
508
509							See L
510
511							=head3 model_namespace
512
513							Where are your models place. Default to "Mojolicious::Plugin::RoutesAuthDBI::Model".
514
515							=head3 template
516
517							Hashref variables for SQL templates of models dictionaries. Defaults is C<$Mojolicious::Plugin::RoutesAuthDBI::Schema::defaults>. See L.
518
519							=head1 INSTALL
520
521							See L.
522
523							=head1 OVER CONDITIONS
524
525							=head2 access
526
527							Heart of this plugin! This condition apply for all db routes even if column auth set to 0. It is possible to apply this condition to non db routes also:
528
529							=over 4
530
531							=item * No access check to route, but authorization by session will ready:
532
533							$r->route('/foo')->...->over(access=>{auth=>0})->...;
534
535							=item * Allow if has authentication only:
536
537							$r->route('/foo')->...->over(access=>{auth=>'only'})->...;
538							# same as
539							# $r->route('/foo')->...->over(authenticated => 1)->...; # see Mojolicious::Plugin::Authentication
540
541							=item * Allow for guest
542
543							$r->route('/foo')->...->over(access=>{guest=>1})->...;
544
545							To makes guest session:
546
547							$c->access->plugin->guest->store($c, {<...some data...>});
548
549							See L
550
551							=item * Route accessible if profile roles assigned to either B namespace or controller 'Bar.pm' (which assigned neither namespece on db or assigned to that loadable namespace) or action 'bar' on controller Bar.pm (action record in db table actions):
552
553							$r->route('/bar-bar-any-namespace')->to('bar#bar',)->over(access=>{auth=>1})->...;
554
555							=item * Explicit defined namespace route accessible either namespace 'Bar' or 'Bar::Bar.pm' controller or action 'bar' in controller 'Bar::Bar.pm' (which assigned to namespace 'Bar' in table refs):
556
557							$r->route('/bar-bar-bar')->to('bar#bar', namespace=>'Bar')->over(access=>{auth=>1})->...;
558
559							=item * Check access by overriden namespace 'BarX': controller and action also with that namespace in db table refs:
560
561							$r->route('/bar-nsX')->to('bar#bar', namespace=>'Bar')->over(access=>{auth=>1, namespace=>'BarX'})->...;
562
563							=item * Check access by overriden namespace 'BarX' and controller 'BarX.pm', action record also with that ns & c in db table refs:
564
565							$r->route('/bar-nsX-cX')->to('bar#bar', namespace=>'Bar')->over(access=>{auth=>1, namespace=>'BarX', controller=>'BarX'})->...;
566
567							=item * Full override names access:
568
569							$r->route('/bar-nsX-cX-aX')->to('bar#bar', namespace=>'Bar')->over(access=>{auth=>1, namespace=>'BarX', controller=>'BarX', action=>'barX'})->...;
570
571							=item *
572
573							$r->route('/bar-cX-aX')->to('bar#bar',)->over(access=>{auth=>1, controller=>'BarX', action=>'barX'})->...;
574
575							=item * Route accessible if profile roles list has defined role (admin):
576
577							$r->route('/bar-role-admin')->to('bar#bar',)->over(access=>{auth=>1, role=> 'admin'})->...;
578
579							=item * Pass callback to access condition
580
581							The callback will get parameters: $profile, $route, $c, $captures, $args (this callback ref). Callback must returns true or false for restrict access. Example simple auth access:
582
583							$r->route('/check-auth')->over(access=>sub {my ($profile, $route, $c, $captures, $args) = @_; return $profile;})->to(cb=>sub {my $c =shift; $c->render(format=>'txt', text=>"Hi @{[$c->auth_user->{names}]}!\n\nYou have access!");});
584
585							=back
586
587							=head1 HELPERS
588
589							=head2 access
590
591							Returns access instance obiect. See L methods.
592
593							if ($c->access->access_explicit([1,2,3], [1,2,3])) {
594							# yes, accessible
595							}
596
597							=head1 METHODS and SUBS
598
599							Registration() & access() & .
600
601							=head2 Example routing table records
602
603							Request
604							HTTP method(s) (optional)
605							and the URL (space delim)
606							Contoller Method Route Name Auth
607							------------------------- ----------- -------------- ----------------- -----
608							GET /city/new City new_form city_new_form 1
609							GET /city/:id City show city_show 1
610							GET /city/edit/:id City edit_form city_edit_form 1
611							GET /cities City index city_index 1
612							POST /city City save city_save 1
613							GET /city/delete/:id City delete_form city_delete_form 1
614							DELETE /city/:id City delete city_delete 1
615							/ Home index home_index 0
616							get post /foo/baz Foo baz foo_baz 1
617
618							It table will generate the L:
619
620							# GET /city/new
621							$r->route('/city/new')->via('get')->over()->to(controller => 'city', action => 'new_form')->name('city_new_form');
622
623							# GET /city/123 - show item with id 123
624							$r->route('/city/:id')->via('get')->over()->to(controller => 'city', action => 'show')->name('city_show');
625
626							# GET /city/edit/123 - form to edit an item
627							$r->route('/city/edit/:id')->via('get')->over()->to(controller => 'city', action => 'edit_form')->name('city_edit_form');
628
629							# GET /cities - list of all items
630							$r->route('/cities')->via('get')->over()->to(controller => 'city', action => 'index')->name('cities_index');
631
632							# POST /city - create new item or update the item
633							$r->route('/city')->via('post')->to(controller => 'city', action => 'save')->name('city_save');
634
635							# GET /city/delete/123 - form to confirm delete an item id=123
636							$r->route('/city/delete/:id')->via('get')->over()->to(controller => 'city', action => 'delete_form')->name('city_delete_form');
637
638							# DELETE /city/123 - delete an item id=123
639							$r->route('/city/:id')->via('delete')->over()->to(controller => 'city', action => 'delete')->name('city_delete');
640
641							# without HTTP method and no auth restrict
642							$r->route('/')->to(controller => 'Home', action => 'index')->name('home_index');
643
644							# GET or POST /foo/baz
645							$r->route('/foo/baz')->via('GET', 'post')->over()->to(controller => 'Foo', action => 'baz')->name('foo_baz');
646
647							=head2 Warning
648
649							If you changed the routes table then kill -HUP or reload app to regenerate routes. Changing assess not require reloading the service.
650
651							=head1 SEE ALSO
652
653							L
654
655							L
656
657							=head1 AUTHOR
658
659							Михаил Че (Mikhail Che), C<< >>
660
661							=head1 BUGS / CONTRIBUTING
662
663							Please report any bugs or feature requests at L. Pull requests also welcome.
664
665							=head1 COPYRIGHT
666
667							Copyright 2016+ Mikhail Che.
668
669							This library is free software; you can redistribute it and/or modify
670							it under the same terms as Perl itself.
671
672							=cut
673