1 package Plack::Session::State::Cookie;
6 our $AUTHORITY = 'cpan:STEVAN';
8 use parent 'Plack::Session::State';
12 use Plack::Util::Accessor qw[
21 my ($self, $env) = @_;
22 Plack::Request->new($env)->cookies->{$self->session_key};
26 my($self, %options) = @_;
30 $options{path} = $self->path || '/' if !exists $options{path};
31 $options{domain} = $self->domain if !exists $options{domain} && defined $self->domain;
32 $options{secure} = $self->secure if !exists $options{secure} && defined $self->secure;
33 $options{httponly} = $self->httponly if !exists $options{httponly} && defined $self->httponly;
36 if (!exists $options{expires} && defined $self->expires) {
37 $options{expires} = time + $self->expires;
43 sub expire_session_id {
44 my ($self, $id, $res, $options) = @_;
45 my %opts = $self->merge_options(%$options, expires => time);
46 $self->_set_cookie($id, $res, %opts);
50 my ($self, $id, $res, $options) = @_;
51 my %opts = $self->merge_options(%$options);
52 $self->_set_cookie($id, $res, %opts);
56 my($self, $id, $res, %options) = @_;
58 # TODO: Do not use Plack::Response
59 my $response = Plack::Response->new(@$res);
60 $response->cookies->{ $self->session_key } = +{
65 my $final_r = $response->finalize;
66 $res->[1] = $final_r->[1]; # headers
77 Plack::Session::State::Cookie - Basic cookie-based session state
82 use Plack::Middleware::Session;
85 return [ 200, [ 'Content-Type' => 'text/plain' ], [ 'Hello Foo' ] ];
89 enable 'Session'; # Cookie is the default state
95 This is a subclass of L<Plack::Session::State> and implements its
96 full interface. This is the default state used in
97 L<Plack::Middleware::Session>.
103 =item B<new ( %params )>
105 The C<%params> can include I<path>, I<domain>, I<expires>, I<secure>,
106 and I<httponly> options, as well as all the options accepted by
107 L<Plack::Session::Store>.
111 Path of the cookie, this defaults to "/";
115 Domain of the cookie, if nothing is supplied then it will not
116 be included in the cookie.
120 Expiration time of the cookie in seconds, if nothing is supplied then
121 it will not be included in the cookie, which means the session expires
126 Secure flag for the cookie, if nothing is supplied then it will not
127 be included in the cookie.
131 HttpOnly flag for the cookie, if nothing is supplied then it will not
132 be included in the cookie.
138 All complex software has bugs lurking in it, and this module is no
139 exception. If you find a bug please either email me, or add the bug
144 Stevan Little E<lt>stevan.little@iinteractive.comE<gt>
146 =head1 COPYRIGHT AND LICENSE
148 Copyright 2009, 2010 Infinity Interactive, Inc.
150 L<http://www.iinteractive.com>
152 This library is free software; you can redistribute it and/or modify
153 it under the same terms as Perl itself.