Question

I need to create an authentication system for two types of users, clients and staff. I would like to use two separate realms to authenticate them (via Catalyst::Plugin::Authentication); however, I would then like to restrict clients so that they can only see the client controller, whereas staff are free to see both the client controller and the staff controller.

In the past, whenever I've needed to authenticate only one type of user, I've used CatalystX::SimpleLogin because this makes authenticating users very simple, as well as things like remembering which URL to redirect the user to if they had to log in to access a page, etc. However, I cannot figure out a way to do this using CatalystX::SimpleLogin.

Has anyone done this before or can anyone think of a way to do it? Or am I better off just straight using Catalyst::Plugin::Authentication to accomplish what I want? Thanks!


Solution

What you want are roles via Catalyst::Plugin::Authorization::Roles. This allows you to easily separate your different user types. Here is an example from the Catalyst::Plugin::Authentication documentation:

use Catalyst qw/
    ...
    Authorization::Roles
/;

sub edit : Local {
    my ( $self, $c ) = @_;

    $c->detach("unauthorized") unless $c->check_user_roles("edit");

    # do something restricted here
}
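
Applied to the question's two user types, the role check can sit in each controller's auto action so that every action in the controller is denied by default. This is an added example, not part of the original answer or the plugin documentation; the MyApp namespace, the controller names, the role names client and staff, and the /login path are assumptions, and it assumes the user store in each realm returns roles.

```perl
# Added example: each package would live in its own file under
# lib/MyApp/Controller/ (MyApp, Staff, Client and /login are assumed names).
package MyApp::Controller::Staff;
use Moose;
use namespace::autoclean;
BEGIN { extends 'Catalyst::Controller' }

# auto runs before every action in this controller; returning 0 aborts the
# request, so actions added later are protected without per-action checks.
sub auto : Private {
    my ( $self, $c ) = @_;

    unless ( $c->user_exists ) {                  # anonymous: send to login
        $c->response->redirect( $c->uri_for('/login') );
        return 0;
    }
    unless ( $c->check_user_roles('staff') ) {    # logged in, wrong role
        $c->response->status(403);
        $c->response->body('Forbidden');
        return 0;
    }
    return 1;
}

__PACKAGE__->meta->make_immutable;

package MyApp::Controller::Client;
use Moose;
use namespace::autoclean;
BEGIN { extends 'Catalyst::Controller' }

sub auto : Private {
    my ( $self, $c ) = @_;

    unless ( $c->user_exists ) {
        $c->response->redirect( $c->uri_for('/login') );
        return 0;
    }
    # Either role is enough here: staff may see client pages too.
    unless ( $c->check_any_user_role(qw/client staff/) ) {
        $c->response->status(403);
        $c->response->body('Forbidden');
        return 0;
    }
    return 1;
}

__PACKAGE__->meta->make_immutable;
1;
```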
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow