Lots of useless code. Not clear where check_ip lives or the need for DBI or CGI. Basically all you need is:
package Apache2::Authclients; use Apache2::RequestRec (); # for $r->content_type use Apache2::Connection (); # for $c->remote_ip use Apache2::SubRequest (); # for $r->internal_redirect use Apache2::Const -compile => ':common'; sub handler { my $r = shift; my $c = $r->connection(); if ( check_ip($c->remote_ip(), $r->dir_config('product')) ) { $r->internal_redirect($r->uri); } else { $r->internal_redirect('/path/to/login'); } }
Note that this code has a serious bug. You seem to assume that the remote_ip will be unique. If I am (say) at a university going through a proxy server (just about all connections will go through a proxy somewhere) the remote_ip for many connections will be the same. Thus if several people on campus were accessing your site simultaneously they would all have the same remote ip (you don't see their real ip which will be 10.x.x.x or 192.168.x.x or similar. The usual/common way to handle this is to assign a session cookie following a successful login. The logic then becomes if valid_session do stuff else login. A successful login give you a valid session key.
Session control and login is a common problem with multiple CPAN modular solutions. Have a look at Apache2::AuthCookie Apache2::AuthCookieDBI for example. No reason you can't roll your own session framework. No need to either as there are literally dozens of pre-rolled solutions, highly likely to work out of the box.
In reply to Re: Apache2 Mod_perl 2 without a endless loop of redirect
by tachyon-II
in thread Apache2 Mod_perl 2 without a endless loop of redirect
by overworked
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |