Commit | Line | Data |
1a776a0c |
1 | package Catalyst::Plugin::Session::State::Cookie; |
2 | use base qw/Catalyst::Plugin::Session::State/; |
bf2bce67 |
3 | |
4 | use strict; |
1a776a0c |
5 | use warnings; |
bf2bce67 |
6 | |
1a776a0c |
7 | use NEXT; |
74586782 |
8 | use Catalyst::Utils (); |
bf2bce67 |
9 | |
8bdcbb46 |
10 | our $VERSION = "0.05"; |
81eb8ebf |
11 | |
5e50008f |
12 | sub setup_session { |
20e33791 |
13 | my $c = shift; |
5e50008f |
14 | |
20e33791 |
15 | $c->NEXT::setup_session(@_); |
2bde9162 |
16 | |
7022ec4c |
17 | $c->config->{session}{cookie_name} |
18 | ||= Catalyst::Utils::appprefix($c) . '_session'; |
5e50008f |
19 | } |
20 | |
0ff18b66 |
21 | sub extend_session_id { |
22 | my ( $c, $sid, $expires ) = @_; |
1a776a0c |
23 | |
2bde9162 |
24 | if ( my $cookie = $c->get_session_cookie ) { |
0ff18b66 |
25 | $c->update_session_cookie( $c->make_session_cookie( $sid ) ); |
58730edc |
26 | } |
db1cda22 |
27 | |
0b3bde04 |
28 | $c->NEXT::extend_session_id( $sid, $expires ); |
2bde9162 |
29 | } |
30 | |
31 | sub set_session_id { |
32 | my ( $c, $sid ) = @_; |
33 | |
34 | $c->update_session_cookie( $c->make_session_cookie( $sid ) ); |
35 | |
0b3bde04 |
36 | return $c->NEXT::set_session_id($sid); |
db1cda22 |
37 | } |
38 | |
39 | sub update_session_cookie { |
58730edc |
40 | my ( $c, $updated ) = @_; |
8bdcbb46 |
41 | |
42 | unless ( $c->cookie_is_rejecting( $updated ) ) { |
43 | my $cookie_name = $c->config->{session}{cookie_name}; |
44 | $c->response->cookies->{$cookie_name} = $updated; |
45 | } |
46 | } |
47 | |
48 | sub cookie_is_rejecting { |
49 | my ( $c, $cookie ) = @_; |
50 | |
51 | if ( $cookie->{path} ) { |
91e4fe2d |
52 | return 1 if index '/'.$c->request->path, $cookie->{path}; |
8bdcbb46 |
53 | } |
54 | |
55 | return 0; |
db1cda22 |
56 | } |
5e50008f |
57 | |
db1cda22 |
58 | sub make_session_cookie { |
2bde9162 |
59 | my ( $c, $sid, %attrs ) = @_; |
58730edc |
60 | |
61 | my $cfg = $c->config->{session}; |
62 | my $cookie = { |
2bde9162 |
63 | value => $sid, |
58730edc |
64 | ( $cfg->{cookie_domain} ? ( domain => $cfg->{cookie_domain} ) : () ), |
8bdcbb46 |
65 | ( $cfg->{cookie_path} ? ( path => $cfg->{cookie_path} ) : () ), |
df55e818 |
66 | %attrs, |
58730edc |
67 | }; |
68 | |
2bde9162 |
69 | unless ( exists $cookie->{expires} ) { |
70 | $cookie->{expires} = $c->calculate_session_cookie_expires(); |
71 | } |
1e986fd5 |
72 | |
fc4b9d6d |
73 | $cookie->{secure} = 1 if $cfg->{cookie_secure}; |
74 | |
1e986fd5 |
75 | return $cookie; |
76 | } |
77 | |
2bde9162 |
78 | sub calc_expiry { # compat |
79 | my $c = shift; |
80 | $c->NEXT::calc_expiry( @_ ) || $c->calculate_session_cookie_expires( @_ ); |
81 | } |
82 | |
83 | sub calculate_session_cookie_expires { |
84 | my $c = shift; |
85 | my $cfg = $c->config->{session}; |
86 | |
87 | my $value = $c->NEXT::calculate_session_cookie_expires(@_); |
1e986fd5 |
88 | return $value if $value; |
2bde9162 |
89 | |
58730edc |
90 | if ( exists $cfg->{cookie_expires} ) { |
7022ec4c |
91 | if ( $cfg->{cookie_expires} > 0 ) { |
1e986fd5 |
92 | return time() + $cfg->{cookie_expires}; |
7022ec4c |
93 | } |
94 | else { |
1e986fd5 |
95 | return undef; |
7022ec4c |
96 | } |
58730edc |
97 | } |
98 | else { |
2bde9162 |
99 | return $c->session_expires; |
58730edc |
100 | } |
bf2bce67 |
101 | } |
102 | |
2bde9162 |
103 | sub get_session_cookie { |
bf2bce67 |
104 | my $c = shift; |
1a776a0c |
105 | |
20e33791 |
106 | my $cookie_name = $c->config->{session}{cookie_name}; |
5e50008f |
107 | |
2bde9162 |
108 | return $c->request->cookies->{$cookie_name}; |
109 | } |
110 | |
111 | sub get_session_id { |
112 | my $c = shift; |
113 | |
114 | if ( my $cookie = $c->get_session_cookie ) { |
bf2bce67 |
115 | my $sid = $cookie->value; |
bf2bce67 |
116 | $c->log->debug(qq/Found sessionid "$sid" in cookie/) if $c->debug; |
2bde9162 |
117 | return $sid if $sid; |
bf2bce67 |
118 | } |
bf2bce67 |
119 | |
2bde9162 |
120 | $c->NEXT::get_session_id(@_); |
121 | } |
122 | |
123 | sub delete_session_id { |
df55e818 |
124 | my ( $c, $sid ) = @_; |
125 | |
126 | $c->update_session_cookie( $c->make_session_cookie( $sid, expires => 0 ) ); |
127 | |
128 | $c->NEXT::delete_session_id($sid); |
bf2bce67 |
129 | } |
130 | |
1a776a0c |
131 | __PACKAGE__ |
57dbf608 |
132 | |
1a776a0c |
133 | __END__ |
bf2bce67 |
134 | |
1a776a0c |
135 | =pod |
b2f8df5e |
136 | |
1a776a0c |
137 | =head1 NAME |
bf2bce67 |
138 | |
75d3560d |
139 | Catalyst::Plugin::Session::State::Cookie - Maintain session IDs using cookies. |
bf2bce67 |
140 | |
1a776a0c |
141 | =head1 SYNOPSIS |
bf2bce67 |
142 | |
20e33791 |
143 | use Catalyst qw/Session Session::State::Cookie Session::Store::Foo/; |
bf2bce67 |
144 | |
1a776a0c |
145 | =head1 DESCRIPTION |
bf2bce67 |
146 | |
1a776a0c |
147 | In order for L<Catalyst::Plugin::Session> to work the session ID needs to be |
148 | stored on the client, and the session data needs to be stored on the server. |
bf2bce67 |
149 | |
1a776a0c |
150 | This plugin stores the session ID on the client using the cookie mechanism. |
57dbf608 |
151 | |
724a6173 |
152 | =head1 METHODS |
153 | |
154 | =over 4 |
155 | |
156 | =item make_session_cookie |
157 | |
158 | Returns a hash reference with the default values for new cookies. |
159 | |
160 | =item update_session_cookie $hash_ref |
161 | |
162 | Sets the cookie based on C<cookie_name> in the response object. |
163 | |
164 | =back |
165 | |
1a776a0c |
166 | =head1 EXTENDED METHODS |
58c05d1a |
167 | |
57dbf608 |
168 | =over 4 |
169 | |
1a776a0c |
170 | =item prepare_cookies |
57dbf608 |
171 | |
1a776a0c |
172 | Will restore if an appropriate cookie is found. |
58c05d1a |
173 | |
d52e5079 |
174 | =item finalize_cookies |
58c05d1a |
175 | |
19c2baa1 |
176 | Will set a cookie called C<session> if it doesn't exist or if it's value is not |
177 | the current session id. |
178 | |
179 | =item setup_session |
180 | |
181 | Will set the C<cookie_name> parameter to it's default value if it isn't set. |
58c05d1a |
182 | |
57dbf608 |
183 | =back |
58c05d1a |
184 | |
5e50008f |
185 | =head1 CONFIGURATION |
186 | |
187 | =over 4 |
188 | |
189 | =item cookie_name |
190 | |
ae33e13f |
191 | The name of the cookie to store (defaults to C<Catalyst::Utils::apprefix($c) . '_session'>). |
5e50008f |
192 | |
41b4b15c |
193 | =item cookie_domain |
194 | |
195 | The name of the domain to store in the cookie (defaults to current host) |
196 | |
7022ec4c |
197 | =item cookie_expires |
198 | |
199 | Number of seconds from now you want to elapse before cookie will expire. |
200 | Set to 0 to create a session cookie, ie one which will die when the |
201 | user's browser is shut down. |
202 | |
fc4b9d6d |
203 | =item cookie_secure |
204 | |
205 | If this attribute set true, the cookie will only be sent via HTTPS. |
206 | |
8bdcbb46 |
207 | =item cookie_path |
208 | |
209 | The path of the request url where cookie should be baked. |
210 | |
5e50008f |
211 | =back |
212 | |
724a6173 |
213 | =head1 CAVEATS |
db1cda22 |
214 | |
215 | Sessions have to be created before the first write to be saved. For example: |
216 | |
217 | sub action : Local { |
218 | my ( $self, $c ) = @_; |
219 | $c->res->write("foo"); |
220 | $c->session( ... ); |
221 | ... |
222 | } |
223 | |
224 | Will cause a session ID to not be set, because by the time a session is |
225 | actually created the headers have already been sent to the client. |
226 | |
bf2bce67 |
227 | =head1 SEE ALSO |
228 | |
1a776a0c |
229 | L<Catalyst>, L<Catalyst::Plugin::Session>. |
bf2bce67 |
230 | |
47f47da5 |
231 | =head1 AUTHORS |
bf2bce67 |
232 | |
47f47da5 |
233 | This module is derived from L<Catalyst::Plugin::Session::FastMmap> code, and |
234 | has been heavily modified since. |
235 | |
236 | Andrew Ford |
237 | Andy Grundman |
238 | Christian Hansen |
239 | Yuval Kogman, C<nothingmuch@woobling.org> |
240 | Marcus Ramberg |
241 | Sebastian Riedel |
bf2bce67 |
242 | |
243 | =head1 COPYRIGHT |
244 | |
bfeb5ca0 |
245 | This program is free software, you can redistribute it and/or modify it |
246 | under the same terms as Perl itself. |
bf2bce67 |
247 | |
248 | =cut |
249 | |
250 | 1; |