in reply to Seperating logic from web display using mason
in thread Problem with Mason, can it be solved with a subrequest?

Thats exactly what I'm currently doing.
  1. page in /auth_required/ is requested
  2. /auth_required/autohandler invoked
  3. reads _session_id from cookie with Apache::Cookie;
  4. checks for session with cookie's _session_id (uses Apache::Session::Pg)
  5. validity: double checks that user_id recorded in session log is still in userdb
The problem is the login forum is at /index.html, and the autohandler that all of my modules requireing authentication are wrapped in is in /auth_required. I believe I have solved the problem the solution I'm currently employing is to set up my <%attr> section as so:
<%attr>
  http_title  => 'Welcome'
  # Invalid user name or password OR username deleted from table
  101         =>  'Invalid username or password'
  # No cookie sent to server
  201         =>  'An error has occured'
  # The session id from cookie was invalid
  301         =>  'An error has occured'

[download]
Then I set up <%args> section as so:
<%args>
  $name_user  =>  undef
  $error      =>  undef
</%args>

[download]
Then from autohandler I clear the gunk out and make a code request: 
      $m->clear_buffer;
      $m->subexec('/index.html', error => 301 );
      $m->abort;

[download]
Then inside of /index.html: 
<%method .non_auth>
  <div class="small_text">
    <h1>
      <% $m->base_comp->attr_if_exists( $m->request_args->{'error'} ) 
+|h%>. You are not logged in.
    </h1>
    If you don't have a login, Click <a href="/create_user.html">here<
+/a> to create one.
  </div>
  <form method="post" action="/index.html">
    <table class="form_fields">
      <tr>
        <td>User Name: </td>
        <td><input type="text" name="name_user" /></td>
      </tr>
      <tr>
        <td>Password: </td>
        <td><input type="password" name="password" value="" alt="Requi
+red only for admins"/></td>
      </tr>
    </table>
    <div style="text-align:right">
      <input type="submit" value="Proceed" />
    </div>
  </form>
</%method>

[download]
Working for the time being, any better ideas? I usually follow MVC to a good extent.


Evan Carroll
www.EvanCarroll.com

In Section Seekers of Perl Wisdom