X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FPlack%2FSession%2FState%2FCookie.pm;h=28b1661975e68f1087c32c9c2d8fd2b48b091fcd;hb=89d240fa692fe4bdc44c483b0d82b3d44f48e2a3;hp=85c590890ae6212dc5cf48921ef13fdf80ab0c2f;hpb=de784fad2e2c5e7667c7691429f5144bb8484141;p=catagits%2FWeb-Session.git diff --git a/lib/Plack/Session/State/Cookie.pm b/lib/Plack/Session/State/Cookie.pm index 85c5908..28b1661 100644 --- a/lib/Plack/Session/State/Cookie.pm +++ b/lib/Plack/Session/State/Cookie.pm @@ -2,46 +2,68 @@ package Plack::Session::State::Cookie; use strict; use warnings; -our $VERSION = '0.02'; +our $VERSION = '0.12'; our $AUTHORITY = 'cpan:STEVAN'; use parent 'Plack::Session::State'; +use Plack::Request; +use Plack::Response; use Plack::Util::Accessor qw[ path domain expires secure + httponly ]; -sub expire_session_id { - my ($self, $id) = @_; - $self->SUPER::expire_session_id( $id ); - $self->expires( 0 ); +sub get_session_id { + my ($self, $env) = @_; + Plack::Request->new($env)->cookies->{$self->session_key}; } -sub get_session_id_from_request { - my ($self, $request) = @_; - ( $request->cookie( $self->session_key ) || return )->value; +sub merge_options { + my($self, %options) = @_; + + delete $options{id}; + + $options{path} = $self->path || '/' if !exists $options{path}; + $options{domain} = $self->domain if !exists $options{domain} && defined $self->domain; + $options{secure} = $self->secure if !exists $options{secure} && defined $self->secure; + $options{httponly} = $self->httponly if !exists $options{httponly} && defined $self->httponly; + + + if (!exists $options{expires} && defined $self->expires) { + $options{expires} = time + $self->expires; + } + + return %options; +} + +sub expire_session_id { + my ($self, $id, $res, $options) = @_; + my %opts = $self->merge_options(%$options, expires => time); + $self->_set_cookie($id, $res, %opts); } sub finalize { - my ($self, $id, $response) = @_; + my ($self, $id, $res, $options) = @_; + my %opts = $self->merge_options(%$options); + $self->_set_cookie($id, $res, %opts); +} + +sub _set_cookie { + my($self, $id, $res, %options) = @_; + + # TODO: Do not use Plack::Response + my $response = Plack::Response->new(@$res); $response->cookies->{ $self->session_key } = +{ value => $id, - path => ($self->path || '/'), - ( defined $self->domain ? ( domain => $self->domain ) : () ), - ( defined $self->expires ? ( expires => $self->expires ) : () ), - ( defined $self->secure ? ( secure => $self->secure ) : () ), + %options, }; - # clear the expires after - # finalization if the session - # has been expired - SL - $self->expires( undef ) - if defined $self->expires - && $self->expires == 0 - && $self->is_session_expired( $id ); + my $final_r = $response->finalize; + $res->[1] = $final_r->[1]; # headers } 1; @@ -70,7 +92,7 @@ Plack::Session::State::Cookie - Basic cookie-based session state =head1 DESCRIPTION -This is a subclass of L and implements it's +This is a subclass of L and implements its full interface. This is the default state used in L. @@ -80,8 +102,8 @@ L. =item B -The C<%params> can include I, I, I and -I options, as well as all the options accepted by +The C<%params> can include I, I, I, I, +and I options, as well as all the options accepted by L. =item B @@ -95,14 +117,20 @@ be included in the cookie. =item B -Expiration time of the cookie, if nothing is supplied then it will -not be included in the cookie. +Expiration time of the cookie in seconds, if nothing is supplied then +it will not be included in the cookie, which means the session expires +per browser session. =item B Secure flag for the cookie, if nothing is supplied then it will not be included in the cookie. +=item B + +HttpOnly flag for the cookie, if nothing is supplied then it will not +be included in the cookie. + =back =head1 BUGS @@ -117,7 +145,7 @@ Stevan Little Estevan.little@iinteractive.comE =head1 COPYRIGHT AND LICENSE -Copyright 2009 Infinity Interactive, Inc. +Copyright 2009, 2010 Infinity Interactive, Inc. L