Checking in changes prior to tagging of version 0.11. Changelog diff is:

[catagits/Web-Session.git] / lib / Plack / Session / State / Cookie.pm

diff --git a/lib/Plack/Session/State/Cookie.pm b/lib/Plack/Session/State/Cookie.pm
index 2b33edb..3fa19c3 100644 (file)
--- a/lib/Plack/Session/State/Cookie.pm
+++ b/lib/Plack/Session/State/Cookie.pm
@@ -2,7 +2,7 @@ package Plack::Session::State::Cookie;
 use strict;
 use warnings;
 
-our $VERSION   = '0.03';
+our $VERSION   = '0.11';
 our $AUTHORITY = 'cpan:STEVAN';
 
 use parent 'Plack::Session::State';
@@ -14,33 +14,51 @@ use Plack::Util::Accessor qw[
     domain
     expires
     secure
+    httponly
 ];
 
 sub get_session_id {
     my ($self, $env) = @_;
-    ( Plack::Request->new($env)->cookie( $self->session_key ) || return )->value;
+    Plack::Request->new($env)->cookies->{$self->session_key};
+}
+
+sub merge_options {
+    my($self, %options) = @_;
+
+    delete $options{id};
+
+    $options{path}     = $self->path || '/' if !exists $options{path};
+    $options{domain}   = $self->domain      if !exists $options{domain} && defined $self->domain;
+    $options{secure}   = $self->secure      if !exists $options{secure} && defined $self->secure;
+    $options{httponly} = $self->httponly    if !exists $options{httponly} && defined $self->httponly;
+
+
+    if (!exists $options{expires} && defined $self->expires) {
+        $options{expires} = time + $self->expires;
+    }
+
+    return %options;
 }
 
 sub expire_session_id {
     my ($self, $id, $res, $options) = @_;
-    $self->_set_cookie($id, $res, expires => 0);
+    my %opts = $self->merge_options(%$options, expires => time);
+    $self->_set_cookie($id, $res, %opts);
 }
 
 sub finalize {
     my ($self, $id, $res, $options) = @_;
-    $self->_set_cookie($id, $res, (defined $self->expires ? (expires => $self->expires) : ()));
+    my %opts = $self->merge_options(%$options);
+    $self->_set_cookie($id, $res, %opts);
 }
 
 sub _set_cookie {
     my($self, $id, $res, %options) = @_;
 
     # TODO: Do not use Plack::Response
-    my $response = Plack::Response->new($res);
+    my $response = Plack::Response->new(@$res);
     $response->cookies->{ $self->session_key } = +{
         value => $id,
-        path  => ($self->path || '/'),
-        ( defined $self->domain  ? ( domain  => $self->domain  ) : () ),
-        ( defined $self->secure  ? ( secure  => $self->secure  ) : () ),
         %options,
     };
 
@@ -99,8 +117,9 @@ be included in the cookie.
 
 =item B<expires>
 
-Expiration time of the cookie, if nothing is supplied then it will
-not be included in the cookie.
+Expiration time of the cookie in seconds, if nothing is supplied then
+it will not be included in the cookie, which means the session expires
+per browser session.
 
 =item B<secure>