use strict;
use warnings;
+our $VERSION = '0.09_02';
+our $AUTHORITY = 'cpan:STEVAN';
+
use Digest::SHA1 ();
use Plack::Util::Accessor qw[
sub new {
my ($class, %params) = @_;
- $params{'_expired'} ||= +{};
$params{'session_key'} ||= 'plack_session';
$params{'sid_generator'} ||= sub {
Digest::SHA1::sha1_hex(rand() . $$ . {} . time)
}
sub expire_session_id {
- my ($self, $id) = @_;
- $self->{'_expired'}->{ $id }++;
-}
-
-sub is_session_expired {
- my ($self, $id) = @_;
- exists $self->{'_expired'}->{ $id }
+ my ($self, $id, $res) = @_;
}
-sub check_expired {
+sub validate_session_id {
my ($self, $id) = @_;
- return unless $id && not $self->is_session_expired( $id );
- return $id;
-}
-
-sub validate_request_session_id {
- my ($self, $request) = @_;
-
- my $reqest_session_id = $self->get_request_session_id($request);
- my $sid_validator = $self->sid_validator;
-
- defined $reqest_session_id && $reqest_session_id =~ m{$sid_validator};
+ $id =~ $self->sid_validator;
}
sub get_session_id {
- my ($self, $request) = @_;
- (
- $self->validate_request_session_id($request)
- &&
- $self->extract( $request )
- )
- ||
- $self->generate( $request )
-}
-
-sub get_request_session_id {
- my ($self, $request ) = @_;
-
- $request->param( $self->session_key );
+ my ($self, $env) = @_;
+ return Plack::Request->new($env)->param( $self->session_key );
}
sub extract {
- my ($self, $request) = @_;
+ my ($self, $env) = @_;
- $self->check_expired( $self->get_request_session_id($request) );
+ my $id = $self->get_session_id( $env );
+ return unless defined $id;
+
+ return $id if $self->validate_session_id( $id );
+ return;
}
sub generate {
sub finalize {
- my ($self, $id, $response) = @_;
+ my ($self, $id, $res, $options) = @_;
();
}
=item B<sid_validator>
-This is a regex used to validate requested session id,
+This is a regex used to validate requested session id.
=back
=over 4
-=item B<get_session_id ( $request )>
+=item B<get_session_id ( $env )>
+
+This is the method used to extract the session id from a C<$env>.
+Subclasses will often only need to override this method and the
+C<finalize> method.
-Given a C<$request> this will first attempt to extract the session,
-if the is expired or does not exist, it will then generate a new
-session. The C<$request> is expected to be a L<Plack::Request> instance
-or an object with an equivalent interface.
+=item B<validate_session_id ( $session_id )>
-=item B<get_request_session_id ( $request )>
+This will use the C<sid_validator> regex and confirm that the
+C<$session_id> is valid.
-=item B<extract ( $request )>
+=item B<extract ( $env )>
-This will attempt to extract the session from a C<$request> by looking
-for the C<session_key> in the C<$request> params. It will then check to
-see if the session has expired and return the session id if it is not.
-The C<$request> is expected to be a L<Plack::Request> instance or an
-object with an equivalent interface.
+This will attempt to extract the session from a C<$env> by looking
+for the C<session_key> in the request params. It will then check to
+see if the session is valid and that it has not expired. It will return
+the session id if everything is good or undef otherwise.
=item B<generate ( $request )>
=over 4
-=item B<expire_session_id ( $id )>
+=item B<expire_session_id ( $id, $response )>
This will mark the session for C<$id> as expired. This method is called
by the L<Plack::Session> C<expire> method.
-=item B<is_session_expired ( $id )>
-
-This will check to see if the session C<$id> has been marked as
-expired.
-
-=item B<check_expired ( $id )>
-
-Given an session C<$id> this will return C<undef> if the session is
-expired or return the C<$id> if it is not.
-
=back
=head1 BUGS
=head1 COPYRIGHT AND LICENSE
-Copyright 2009 Infinity Interactive, Inc.
+Copyright 2009, 2010 Infinity Interactive, Inc.
L<http://www.iinteractive.com>