% htpasswd 
 % plugauthlite


Very minimal PlugAuth server implementation suitable for Clustericious apps to authenticate against using Clustericious::Plugin::PlugAuth.

The only prerequsites are Mojolicious and a Perl supported by Mojolicious.

It provides authentication only (not authorization). Username/password combinations are specified in a standard Apache like password file. If Crypt::PasswdMD5 is installed then the passwords can be encrypted.

The password file is specified using the environment variable PLUGAUTH_LITE_FILE and passwd in the current directory is used by default. If the environment variable PLUGAUTH_LITE_PLAIN is true then it will not attempt to use Crypt::PasswdMD5 and will not use encryption for the password file.


Any routes not specified return 404.

GET /auth

  • if username and password provided using BASIC authentication and are correct

    Return 200 ok

  • if username and password provided using BASIC authentication but are not correct

    Return 403 not ok

  • if username and password are not provided using BASIC authentication

    Return 401 please authenticate

GET /authz/user/#user/#action/(*resource)

For this server all user/action/resource combination are authorized. If you need to customize the authorization, use the full featured PlugAuth server or partially featured Mojolicious::Plugin::PlugAuthLite plugin.

  • if the given user (#user) is permitted to perform the given action (#action) on the given resource (*resource)

    Return 200 ok