X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FPlack%2FSession%2FState%2FCookie.pm;h=d6042a435cf71c415044008979ba888377b53c17;hb=c9cdee2320126174be4d978753b39a6d3888278f;hp=36728bf0d84528169f14b3470c3a1f989e07a5c8;hpb=4ff41723d59739434df7ba7293c8c40b968c8600;p=catagits%2FWeb-Session.git diff --git a/lib/Plack/Session/State/Cookie.pm b/lib/Plack/Session/State/Cookie.pm index 36728bf..d6042a4 100644 --- a/lib/Plack/Session/State/Cookie.pm +++ b/lib/Plack/Session/State/Cookie.pm @@ -2,43 +2,68 @@ package Plack::Session::State::Cookie; use strict; use warnings; -our $VERSION = '0.03'; +our $VERSION = '0.13'; our $AUTHORITY = 'cpan:STEVAN'; use parent 'Plack::Session::State'; +use Plack::Request; +use Plack::Response; use Plack::Util::Accessor qw[ path domain expires secure + httponly ]; sub get_session_id { - my ($self, $request) = @_; - ( $request->cookie( $self->session_key ) || return )->value; + my ($self, $env) = @_; + Plack::Request->new($env)->cookies->{$self->session_key}; +} + +sub merge_options { + my($self, %options) = @_; + + delete $options{id}; + + $options{path} = $self->path || '/' if !exists $options{path}; + $options{domain} = $self->domain if !exists $options{domain} && defined $self->domain; + $options{secure} = $self->secure if !exists $options{secure} && defined $self->secure; + $options{httponly} = $self->httponly if !exists $options{httponly} && defined $self->httponly; + + + if (!exists $options{expires} && defined $self->expires) { + $options{expires} = time + $self->expires; + } + + return %options; } sub expire_session_id { - my ($self, $id, $response) = @_; - $response->cookies->{ $self->session_key } = +{ - value => $id, - path => ($self->path || '/'), - expires => 0, - ( defined $self->domain ? ( domain => $self->domain ) : () ), - ( defined $self->secure ? ( secure => $self->secure ) : () ), - }; + my ($self, $id, $res, $options) = @_; + my %opts = $self->merge_options(%$options, expires => time); + $self->_set_cookie($id, $res, %opts); } sub finalize { - my ($self, $id, $response, $options) = @_; + my ($self, $id, $res, $options) = @_; + my %opts = $self->merge_options(%$options); + $self->_set_cookie($id, $res, %opts); +} + +sub _set_cookie { + my($self, $id, $res, %options) = @_; + + # TODO: Do not use Plack::Response + my $response = Plack::Response->new(@$res); $response->cookies->{ $self->session_key } = +{ value => $id, - path => ($self->path || '/'), - ( defined $self->domain ? ( domain => $self->domain ) : () ), - ( defined $self->expires ? ( expires => $self->expires ) : () ), - ( defined $self->secure ? ( secure => $self->secure ) : () ), + %options, }; + + my $final_r = $response->finalize; + $res->[1] = $final_r->[1]; # headers } 1; @@ -67,7 +92,7 @@ Plack::Session::State::Cookie - Basic cookie-based session state =head1 DESCRIPTION -This is a subclass of L and implements it's +This is a subclass of L and implements its full interface. This is the default state used in L. @@ -77,8 +102,8 @@ L. =item B -The C<%params> can include I, I, I and -I options, as well as all the options accepted by +The C<%params> can include I, I, I, I, +and I options, as well as all the options accepted by L. =item B @@ -92,14 +117,20 @@ be included in the cookie. =item B -Expiration time of the cookie, if nothing is supplied then it will -not be included in the cookie. +Expiration time of the cookie in seconds, if nothing is supplied then +it will not be included in the cookie, which means the session expires +per browser session. =item B Secure flag for the cookie, if nothing is supplied then it will not be included in the cookie. +=item B + +HttpOnly flag for the cookie, if nothing is supplied then it will not +be included in the cookie. + =back =head1 BUGS