File Coverage

blib/lib/Yancy/Plugin/Auth/Role/RequireUser.pm
Criterion Covered Total %
statement 17 17 100.0
branch 4 4 100.0
condition 9 9 100.0
subroutine 4 4 100.0
pod 1 1 100.0
total 35 35 100.0


line stmt bran cond sub pod time code
1             package Yancy::Plugin::Auth::Role::RequireUser;
2             our $VERSION = '1.087';
3             # ABSTRACT: Add authorization based on user attributes
4              
5             #pod =head1 SYNOPSIS
6             #pod
7             #pod use Mojolicious::Lite;
8             #pod plugin Yancy => ...;
9             #pod
10             #pod # Require any user
11             #pod my $require_user = app->yancy->auth->require_user;
12             #pod my $user = app->routes->under( '/user', $require_user );
13             #pod
14             #pod # Require a user with the `is_admin` field set to true
15             #pod my $require_admin = app->yancy->auth->require_user( { is_admin => 1 } );
16             #pod my $admin = app->routes->under( '/admin', $require_admin );
17             #pod
18             #pod =head1 DESCRIPTION
19             #pod
20             #pod B This module is C and its API may change before
21             #pod Yancy v2.000 is released.
22             #pod
23             #pod This plugin adds a simple authorization method to your site. All default
24             #pod Yancy auth plugins use this role to provide the C
25             #pod helper.
26             #pod
27             #pod =head1 SEE ALSO
28             #pod
29             #pod L
30             #pod
31             #pod =cut
32              
33 7     7   4208 use Mojo::Base '-role';
  7         18  
  7         51  
34 7     7   3207 use Yancy::Util qw( currym match );
  7         18  
  7         2525  
35              
36             #pod =method require_user
37             #pod
38             #pod my $subref = $c->yancy->auth->require_user( \%match );
39             #pod
40             #pod Build a callback to validate there is a logged-in user, and optionally
41             #pod that the current user has certain fields set. C<\%match> is optional and
42             #pod is a L matched
43             #pod with L.
44             #pod
45             #pod # Ensure the user is logged-in
46             #pod my $user_cb = $app->yancy->auth->require_user;
47             #pod my $user_only = $app->routes->under( $user_cb );
48             #pod
49             #pod # Ensure the user's "is_admin" field is set to 1
50             #pod my $admin_cb = $app->yancy->auth->require_user( { is_admin => 1 } );
51             #pod my $admin_only = $app->routes->under( $admin_cb );
52             #pod
53             #pod =cut
54              
55             sub require_user {
56 9     9 1 34 my ( $self, $c, $where ) = @_;
57             return sub {
58 16     16   216028 my ( $c ) = @_;
59             #; say "Are you authorized? " . $c->yancy->auth->current_user;
60 16         75 my $user = $c->yancy->auth->current_user;
61             # If where isn't specified, or it's a plain scalar truth value
62 16 100 100     174 if ( ( !$where || ( !ref $where && $where ) ) && $user ) {
      100        
63 4         23 return 1;
64             }
65 12 100 100     73 if ( $where && match( $where, $user ) ) {
66 3         15 return 1;
67             }
68             # XXX: Create `reply->unauthorized` helper
69             $c->stash(
70 9         57 template => 'yancy/auth/unauthorized',
71             status => 401,
72             logout_route => $self->logout_route->render,
73             );
74 9         1497 $c->respond_to(
75             json => {},
76             html => {},
77             );
78 9         86739 return undef;
79 9         77 };
80             }
81              
82             around register => sub {
83             my ( $orig, $self, $app, $config ) = @_;
84             $app->helper(
85             'yancy.auth.require_user' => currym( $self, 'require_user' ),
86             );
87             $self->$orig( $app, $config );
88             };
89              
90             1;
91              
92             __END__