[Catalyst] catalyst-Plugin-authentication-cdbi

[Will Smith]

Hi,
  I use this mod to force users login to myapp. The sample code works fine:
   
  sub login : Path('/login') { 
    my ( $self, $c ) = @_;   
    $c->stash->{template} = "login.tt"; 
    if ($c->req->params->{email}) { 
        $c->session_login( 
                          $c->req->params->{email}, 
                          $c->req->params->{passphrase} 
                         ); 
        $c->res->redirect( 'home' ) if $c->req->{user}; 
    } 
} 
 
  ---------
  I have users identified by userid, and all other objects are linked to this userid (contract, bill ....). The questions are:
   
  - When a user logins, he/she allowed to see his/her own objects, let say objectid = 1. So when doing add/edit...the objectid=1 appears on the adress bar. What if the person type objectid=2 to do edit/add/delete ...the user is led to the pages of objectid=2.  How do I prevent this? I think about hiding the trail on the address bar, but that's not the way.
   
  - after login, the userid will be used as a global variable that allows the user access to his/her own objects, where is the right place that I declare this variable so that I can access it anywhere? Is in the config part?
   
  - Using session, does this mean that when the same user login on another machine, the previous session will be killed?
   
  Thanks for your help.
   
  Will
   
  
 

		
---------------------------------
 Yahoo! FareChase - Search multiple travel sites in one click.  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.rawmode.org/pipermail/catalyst/attachments/20051116/b2e533ff/attachment-0001.htm