Catalyst::Authentication::Realm - Base class for realm objects.
- By default this class is used by
Catalyst::Plugin::Authentication for all realms. The class parameter
allows you to choose a different class to use for this realm. Creating a
new Realm class can allow for authentication methods that fall outside the
normal credential/store methodology.
- Set this to true if you wish this realm to auto-create user
accounts when the user doesn't exist (most useful for remote
- Set this to true if you wish this realm to auto-update user
accounts after authentication (most useful for remote authentication
- Sets session usage for this particular realm - overriding
the global use_sesion setting.
Instantiantes this realm, plus the specified store and credential classes.
Returns an instance of the store object for this realm.
Returns an instance of the credential object for this realm.
Retrieves the user given the authentication information provided. This is most
often called from the credential. The default realm class simply delegates
this call the store object. If enabled, auto-creation and auto-updating of
users is also handled here.
Performs the authentication process for the current realm. The default realm
class simply delegates this to the credential and sets the authenticated user
on success. Returns the authenticated user object;
The Realm class allows complete control over the persistance of users between
requests. By default the realm attempts to use the Catalyst session system to
accomplish this. By overriding the methods below in a custom Realm class,
however, you can handle user persistance in any way you see fit.
persist_user is the entry point for saving user information between requests in
most cases this will utilize the session. By default this uses the catalyst
session system to store the user by calling for_session on the active store.
The user object must be a subclass of Catalyst::Authentication::User. If you
have updated the user object, you must call persist_user again to ensure that
the persisted user object reflects your updates.
Removes any persisted user data. By default, removes the user from the session.
Returns whether there is a persisted user that may be restored. Returns a token
used to restore the user. With the default session persistance it returns the
raw frozen user information.
Restores the user from the given frozen_user parameter, or if not provided,
using the response from $self-> user_is_restorable()
to decode the frozen user.
If there is a session to restore, but the restore fails for any reason then this
method is called. This method supplied just removes the persisted user, but
can be overridden if required to have more complex logic (e.g. finding a the
user by their 'old' username).
Decodes the frozenuser information provided and returns an instantiated user
object. By default, this call is delegated to $store->
DEPRECATED. Use persist_user instead. (this simply calls persist_user)