X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FPlack%2FSession%2FState%2FCookie.pm;h=d6042a435cf71c415044008979ba888377b53c17;hb=c9cdee2320126174be4d978753b39a6d3888278f;hp=6440ebd592e02bf9ed5629f6bc204cf39525b9e5;hpb=43f34c01a20c9f5b05bd43532d4b564fe6bd4817;p=catagits%2FWeb-Session.git diff --git a/lib/Plack/Session/State/Cookie.pm b/lib/Plack/Session/State/Cookie.pm index 6440ebd..d6042a4 100644 --- a/lib/Plack/Session/State/Cookie.pm +++ b/lib/Plack/Session/State/Cookie.pm @@ -2,43 +2,68 @@ package Plack::Session::State::Cookie; use strict; use warnings; +our $VERSION = '0.13'; +our $AUTHORITY = 'cpan:STEVAN'; + use parent 'Plack::Session::State'; +use Plack::Request; +use Plack::Response; use Plack::Util::Accessor qw[ path domain expires secure + httponly ]; -sub expire_session_id { - my ($self, $id) = @_; - $self->SUPER::expire_session_id( $id ); - $self->expires( 0 ); +sub get_session_id { + my ($self, $env) = @_; + Plack::Request->new($env)->cookies->{$self->session_key}; +} + +sub merge_options { + my($self, %options) = @_; + + delete $options{id}; + + $options{path} = $self->path || '/' if !exists $options{path}; + $options{domain} = $self->domain if !exists $options{domain} && defined $self->domain; + $options{secure} = $self->secure if !exists $options{secure} && defined $self->secure; + $options{httponly} = $self->httponly if !exists $options{httponly} && defined $self->httponly; + + + if (!exists $options{expires} && defined $self->expires) { + $options{expires} = time + $self->expires; + } + + return %options; } -sub extract { - my ($self, $request) = @_; - $self->check_expired( ( $request->cookie( $self->session_key ) || return )->value ); +sub expire_session_id { + my ($self, $id, $res, $options) = @_; + my %opts = $self->merge_options(%$options, expires => time); + $self->_set_cookie($id, $res, %opts); } sub finalize { - my ($self, $id, $response) = @_; + my ($self, $id, $res, $options) = @_; + my %opts = $self->merge_options(%$options); + $self->_set_cookie($id, $res, %opts); +} + +sub _set_cookie { + my($self, $id, $res, %options) = @_; + + # TODO: Do not use Plack::Response + my $response = Plack::Response->new(@$res); $response->cookies->{ $self->session_key } = +{ value => $id, - path => ($self->path || '/'), - ( defined $self->domain ? ( domain => $self->domain ) : () ), - ( defined $self->expires ? ( expires => $self->expires ) : () ), - ( defined $self->secure ? ( secure => $self->secure ) : () ), + %options, }; - # clear the expires after - # finalization if the session - # has been expired - SL - $self->expires( undef ) - if defined $self->expires - && $self->expires == 0 - && $self->is_session_expired( $id ); + my $final_r = $response->finalize; + $res->[1] = $final_r->[1]; # headers } 1; @@ -51,10 +76,25 @@ __END__ Plack::Session::State::Cookie - Basic cookie-based session state +=head1 SYNOPSIS + + use Plack::Builder; + use Plack::Middleware::Session; + + my $app = sub { + return [ 200, [ 'Content-Type' => 'text/plain' ], [ 'Hello Foo' ] ]; + }; + + builder { + enable 'Session'; # Cookie is the default state + $app; + }; + =head1 DESCRIPTION -This is a subclass of L and implements it's -full interface. +This is a subclass of L and implements its +full interface. This is the default state used in +L. =head1 METHODS @@ -62,14 +102,35 @@ full interface. =item B +The C<%params> can include I, I, I, I, +and I options, as well as all the options accepted by +L. + =item B +Path of the cookie, this defaults to "/"; + =item B +Domain of the cookie, if nothing is supplied then it will not +be included in the cookie. + =item B +Expiration time of the cookie in seconds, if nothing is supplied then +it will not be included in the cookie, which means the session expires +per browser session. + =item B +Secure flag for the cookie, if nothing is supplied then it will not +be included in the cookie. + +=item B + +HttpOnly flag for the cookie, if nothing is supplied then it will not +be included in the cookie. + =back =head1 BUGS @@ -84,7 +145,7 @@ Stevan Little Estevan.little@iinteractive.comE =head1 COPYRIGHT AND LICENSE -Copyright 2009 Infinity Interactive, Inc. +Copyright 2009, 2010 Infinity Interactive, Inc. L