check wrong format request session_id

[catagits/Web-Session.git] / lib / Plack / Session / State / Cookie.pm

diff --git a/lib/Plack/Session/State/Cookie.pm b/lib/Plack/Session/State/Cookie.pm
index 6440ebd..12631d4 100644 (file)
--- a/lib/Plack/Session/State/Cookie.pm
+++ b/lib/Plack/Session/State/Cookie.pm
@@ -17,9 +17,14 @@ sub expire_session_id {
     $self->expires( 0 );
 }
 
+sub get_request_session_id {
+    my ($self, $request ) = @_;
+    ($request->cookie( $self->session_key ) || return )->value;
+}
+
 sub extract {
     my ($self, $request) = @_;
-    $self->check_expired( ( $request->cookie( $self->session_key ) || return )->value );
+    $self->check_expired( $self->get_request_session_id($request) || return );
 }
 
 sub finalize {
@@ -51,10 +56,25 @@ __END__
 
 Plack::Session::State::Cookie - Basic cookie-based session state
 
+=head1 SYNOPSIS
+
+  use Plack::Builder;
+  use Plack::Middleware::Session;
+
+  my $app = sub {
+      return [ 200, [ 'Content-Type' => 'text/plain' ], [ 'Hello Foo' ] ];
+  };
+
+  builder {
+      enable 'Session'; # Cookie is the default state
+      $app;
+  };
+
 =head1 DESCRIPTION
 
 This is a subclass of L<Plack::Session::State> and implements it's
-full interface.
+full interface. This is the default state used in
+L<Plack::Middleware::Session>.
 
 =head1 METHODS
 
@@ -62,14 +82,29 @@ full interface.
 
 =item B<new ( %params )>
 
+The C<%params> can include I<path>, I<domain>, I<expires> and
+I<secure> options, as well as all the options accepted by
+L<Plack::Session::Store>.
+
 =item B<path>
 
+Path of the cookie, this defaults to "/";
+
 =item B<domain>
 
+Domain of the cookie, if nothing is supplied then it will not
+be included in the cookie.
+
 =item B<expires>
 
+Expiration time of the cookie, if nothing is supplied then it will
+not be included in the cookie.
+
 =item B<secure>
 
+Secure flag for the cookie, if nothing is supplied then it will not
+be included in the cookie.
+
 =back
 
 =head1 BUGS