<%args> $username $password $redirect_to <%init> if (my @errors = check_login($username, $password) { $m->comp( 'redirect.mas', path => 'login_form.html', query => { errors => \@errors, username => $username, password => $password, redirect_to => $redirect_to } ); } $MasonBook::Session{username} = $username; $MasonBook::Session{token} = Digest::SHA1::sha1_hex( 'My secret phrase', $username ); $m->comp( 'redirect.mas', path => $redirect_to ); if ( $MasonBook::Session{token} ) { if ( $MasonBook::Session{token} eq Digest::SHA1::sha1_hex( 'My secret phrase', $MasonBook::Session{username} ) { # R<... valid login, do something here> } else { # R<... someone is trying to be sneaky!> } } else { # no token my $wanted_page = $r->uri; # Append query string if we have one. $wanted_page .= '?' . $r->args if $r->args; $m->comp( 'redirect.mas', path => '/login/login_form.html', query => { redirect_to => $wanted_page } ); } <%init> my $user = get_user(); # again, hand waving my $required_access = $m->base_comp->attr('required_access'); unless ( $user->has_access_level($required_access) ) { # R<... do something like send them to another page> } $m->call_next; <%attr> required_access => 'Guest' <%attr> required_access => 'Admin' % while (my ($name, $def) = each %styles) { <% $name %> <% $def %> % } <%args> $cobrand <%init> my %styles; die "Security violation, style=$style" unless $cobrand =~ /^\w+$/; foreach my $file ('default.css', "$cobrand.css") { local *FILE; open FILE, "< /var/styles/$file" or die "Cannot read /var/styles/$file: $!"; while () { next unless /(\S+) \s+ (\S.*)/x; $styles{$1} = $2; } close FILE; } $r->content_type('text/css');