A simple Mojolicious application example for authenticating a user and maintaining a session.
A Work In Progress - Almost Ready for Production Use I am still soliciting comments.
Quick link for the Impatient to Getting Started on the example.
If you've come here following the wonderful short talk, you'll find a tutorial in need of improvement, which you can provide through your comments! Either raise an issue on Github, send a Pull Request or email me at b.duffee at keele dot ac.uk.
I am not the expert. This tutorial is the result of learning to put together a website with authenticated access and having to try out a few ideas after reading the documentation. I use it as a sandbox meaning that it follows my train of thought, so it backtracks now and then as I learn something new (like Config files). You'll also see where I've run out of steam when TODOs start popping up in the text. The documentation seems more oriented towards getting users up and running quickly with Mojolicious::Lite or for advanced developers. I feel there's a gap in the middle.
Here is the text of the Lightning Talk I gave at Mojoconf & Norwegian Perl Workshop 2018 which just advertises this tutorial.
Pointing out parts that are confusing would be a great help. I would welcome anything that identifies how a section could be clearer, explanations of best practice, where I've missed something or what it just plain wrong. I realize that some berks will blindly cut and paste these examples into their code and I really don't want the reputation of Matt's Script Archive.
This example will show you how to
- set up a Mojolicious application
- create a login page
- add simple authentication
- re-direct to a landing page on successful login
- return to login page with message on failed login
- where to place pages that require authenticated access
- restrict access to protected pages using session cookies
- where to place pages that are publically accessible
- add authentication via LDAP
- write to a logfile
- create a logout link and place it on your templates
- re-direct to previous page after successful authentication
- protect your login page against brute force attacks
if we get time we will show you how to
- use a config file to store system values
- add a plugin module, such as Mojolicious::Plugin::OAuth2 and configure it
- speed up serving dynamic web pages using a cache, such as Redis
Instructions on how to build this application are found in docs/. The first step is in Getting_Started.
You can read everything on Github or clone this repository to your machine.
You can access the material in at least three ways:
- Read the docs starting at Getting_Started and follow the instructions
- Look at the code for the app built with the instructions in session_tutorial
- Dive into the Snapshots directory to look at the app at various stages of the build
If you've cloned the repository, you can immediately run the final app in the session_tutorial directory or if you want to see a working example of the Step that you're currently reading, change to the directory of the same name in the Snapshots directory and run the app according to the instructions in the Step.