X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FPlack%2FSession%2FState%2FCookie.pm;h=d6042a435cf71c415044008979ba888377b53c17;hb=c9cdee2320126174be4d978753b39a6d3888278f;hp=1d6772f85f4797849f9b9f07172958a3c37a637b;hpb=2c5f34e84f8afaef1d7335f81f8eafb5eb054ebf;p=catagits%2FWeb-Session.git diff --git a/lib/Plack/Session/State/Cookie.pm b/lib/Plack/Session/State/Cookie.pm index 1d6772f..d6042a4 100644 --- a/lib/Plack/Session/State/Cookie.pm +++ b/lib/Plack/Session/State/Cookie.pm @@ -2,7 +2,7 @@ package Plack::Session::State::Cookie; use strict; use warnings; -our $VERSION = '0.03'; +our $VERSION = '0.13'; our $AUTHORITY = 'cpan:STEVAN'; use parent 'Plack::Session::State'; @@ -14,6 +14,7 @@ use Plack::Util::Accessor qw[ domain expires secure + httponly ]; sub get_session_id { @@ -21,26 +22,43 @@ sub get_session_id { Plack::Request->new($env)->cookies->{$self->session_key}; } +sub merge_options { + my($self, %options) = @_; + + delete $options{id}; + + $options{path} = $self->path || '/' if !exists $options{path}; + $options{domain} = $self->domain if !exists $options{domain} && defined $self->domain; + $options{secure} = $self->secure if !exists $options{secure} && defined $self->secure; + $options{httponly} = $self->httponly if !exists $options{httponly} && defined $self->httponly; + + + if (!exists $options{expires} && defined $self->expires) { + $options{expires} = time + $self->expires; + } + + return %options; +} + sub expire_session_id { my ($self, $id, $res, $options) = @_; - $self->_set_cookie($id, $res, expires => time); + my %opts = $self->merge_options(%$options, expires => time); + $self->_set_cookie($id, $res, %opts); } sub finalize { my ($self, $id, $res, $options) = @_; - $self->_set_cookie($id, $res, (defined $self->expires ? (expires => $self->expires) : ())); + my %opts = $self->merge_options(%$options); + $self->_set_cookie($id, $res, %opts); } sub _set_cookie { my($self, $id, $res, %options) = @_; # TODO: Do not use Plack::Response - my $response = Plack::Response->new($res); + my $response = Plack::Response->new(@$res); $response->cookies->{ $self->session_key } = +{ value => $id, - path => ($self->path || '/'), - ( defined $self->domain ? ( domain => $self->domain ) : () ), - ( defined $self->secure ? ( secure => $self->secure ) : () ), %options, }; @@ -74,7 +92,7 @@ Plack::Session::State::Cookie - Basic cookie-based session state =head1 DESCRIPTION -This is a subclass of L and implements it's +This is a subclass of L and implements its full interface. This is the default state used in L. @@ -84,8 +102,8 @@ L. =item B -The C<%params> can include I, I, I and -I options, as well as all the options accepted by +The C<%params> can include I, I, I, I, +and I options, as well as all the options accepted by L. =item B @@ -99,14 +117,20 @@ be included in the cookie. =item B -Expiration time of the cookie, if nothing is supplied then it will -not be included in the cookie. +Expiration time of the cookie in seconds, if nothing is supplied then +it will not be included in the cookie, which means the session expires +per browser session. =item B Secure flag for the cookie, if nothing is supplied then it will not be included in the cookie. +=item B + +HttpOnly flag for the cookie, if nothing is supplied then it will not +be included in the cookie. + =back =head1 BUGS