On Wed, Sep 30, 2009 at 8:09 AM, Bill Moseley <mose...@hank.org> wrote:
>
>
> On Wed, Sep 30, 2009 at 7:30 AM, Derek Wueppelmann <dwuep...@gmail.com>wrote:
>
>> I'm actually doing forwards to my login page right now. So that when a
>> user logs in they can still see the page they were originally trying to
>> view. I capture the URL they were attempting to view in the login
>> process.
>>
>
> And then redirect back to that original page after login?
>
> I pass that data via the cache or session.
>
> $c->cache->set( $key, {
> orig_url => $url,
> message => 'Auhorization is required',
> });
>
> $c->res->redirect( $c->uri_for( '/login', { info => $key } ) );
>
>
> Catalyst docs show an example using auto. BTW - shouldn't the redirect be
> an absolute-URI?
>
> sub auto : Private {
> my ( $self, $c ) = @_;
> if ( !$c->user_exists ) { # Catalyst::Plugin::Authentication
> $c->res->redirect( '/login' ); # require login
> return 0; # abort request and go immediately to end()
> }
> return 1; # success; carry on to next action
> }
>
My typical recipe is via parameter, rather than session. This is more
flexible, and allows me to pass URLs to people with more definitive results.
You do, however, have to whitelist the URLs prior to redirection. The very
basic recipe is just something to compare the URI base:
my $redir = URI->new( $redir_url );
$redir->base eq $c->req->uri->base;
-J
_______________________________________________
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
