DOKK / manpages / debian 12 / liblemonldap-ng-portal-perl / Lemonldap::NG::Portal::UserDB.3pm.en
Lemonldap::NG::Portal::UserDB(3pm) User Contributed Perl Documentation Lemonldap::NG::Portal::UserDB(3pm)

Lemonldap:NG::Portal::UserDB - Writing authentication modules for LemonLDAP::NG.

  package Lemonldap::NG::Portal::UserDB::My;
  
  use strict;
  use Mouse;
  # Add constants used by this module
  use Lemonldap::NG::Portal::Main::Constants qw(PE_OK);
  
  our $VERSION = '0.1';
  
  extends 'Lemonldap::NG::Common::Module';
  sub init {
      ...
  }
  
  sub getUser {
      my ( $self, $req, %args ) = @_;
      ...
  }
  
  sub setSessionInfo {
      my ( $self, $req ) = @_;
      ...
  }
  
  sub setGroups {
      my ( $self, $req ) = @_;
      ...
  }

UserDB modules are used to search a user in user database. UserDB modules are independent objects that are instantiated by Lemonldap::NG portal. They must provide methods described below.

"Routes" management

Like any module that inherits from Lemonldap::NG::Portal::Plugin, Lemonldap::NG::Portal::Main::Auth provides URI path functions:

Example:

  sub init {
      ...
      $self->addAuthRoute( saml => { proxy => "proxySub" }, [ 'GET', 'POST' ] );
      ...
  }
  sub proxySub {
      my ( $self, $req ) = @_;
      ...
      # This sub must return a PSGI response. Example
      return [ 302, [ Location => 'http://x.y/' ], [] ];
  }

This means that requests http://auth.../saml/proxy will be given to proxySub() method.

init()

Method launched after object creation (after each configuration reload). It must return a true value if authentication module is ready, false else.

Methods called at each request

All these methods must return a Lemonldap::NG::Portal::Main::Constants value. They are called with one argument: a Lemonldap::NG::Portal::Main::Request object.

Note: if you want to change process() next steps, you just have to change $req->steps array.

getUser($req,%args)

First method called to search user in database. If $args{useMail} is set then $req->{user} contains a mail address.

setSessionInfo($req)

This method is called after authentication process. It must populate $req->sessionInfo.

setGroups($req)

This method populates $req->{sessionInfo}->{groups} if backend is able to provide groups (Like LDAP). Else, it juste return PE_OK.

Logging is provided by $self->logger and $self->userLogger. The following rules must be applied:

Use OW2 system to report bug or ask for features: <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>

Lemonldap::NG is available at <https://lemonldap-ng.org/download>

See COPYING file for details.

This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

2023-09-29 perl v5.36.0