[catagits/Catalyst-Plugin-Session-State-Cookie.git] / lib / Catalyst / Plugin / Session / State / Cookie.pm

package Catalyst::Plugin::Session::State::Cookie;
use base qw/Catalyst::Plugin::Session::State/;

use strict;
use warnings;

use NEXT;
use Catalyst::Utils ();

our $VERSION = "0.02";

sub setup_session {
    my $c = shift;

    $c->NEXT::setup_session(@_);
    $c->config->{session}{cookie_name}
        ||= Catalyst::Utils::appprefix($c) . '_session';
}

sub finalize_cookies {
    my $c = shift;

    if ( $c->sessionid ) {
        $c->update_session_cookie( $c->make_session_cookie );
    }

    return $c->NEXT::finalize_cookies(@_);
}

sub update_session_cookie {
    my ( $c, $updated ) = @_;
    my $cookie_name = $c->config->{session}{cookie_name};
    $c->response->cookies->{$cookie_name} = $updated;
}

sub make_session_cookie {
    my $c = shift;

    my $cfg    = $c->config->{session};
    my $cookie = {
        value => $c->sessionid,
        ( $cfg->{cookie_domain} ? ( domain => $cfg->{cookie_domain} ) : () ),
    };

    $cookie->{expires}=$c->calc_expiry();

    $cookie->{secure} = 1 if $cfg->{cookie_secure};

    return $cookie;
}

sub calc_expiry {
    my $c=shift;
    my $cfg    = $c->config->{session};
    my $value= $c->NEXT::calc_expiry(@_);
    return $value if $value;
    if ( exists $cfg->{cookie_expires} ) {
        if ( $cfg->{cookie_expires} > 0 ) {
            return time() + $cfg->{cookie_expires};
        }
        else {
            return undef;
        }
    }
    else {
       return $c->session_expires;
    }
}

sub prepare_cookies {
    my $c = shift;

    my $ret = $c->NEXT::prepare_cookies(@_);

    my $cookie_name = $c->config->{session}{cookie_name};

    if ( my $cookie = $c->request->cookies->{$cookie_name} ) {
        my $sid = $cookie->value;
        $c->sessionid($sid);
        $c->log->debug(qq/Found sessionid "$sid" in cookie/) if $c->debug;
    }

    return $ret;
}

__PACKAGE__

__END__

=pod

=head1 NAME

Catalyst::Plugin::Session::State::Cookie - Maintain session IDs using cookies.

=head1 SYNOPSIS

    use Catalyst qw/Session Session::State::Cookie Session::Store::Foo/;

=head1 DESCRIPTION

In order for L<Catalyst::Plugin::Session> to work the session ID needs to be
stored on the client, and the session data needs to be stored on the server.

This plugin stores the session ID on the client using the cookie mechanism.

=head1 METHODS

=over 4

=item make_session_cookie

Returns a hash reference with the default values for new cookies.

=item update_session_cookie $hash_ref

Sets the cookie based on C<cookie_name> in the response object.

=back

=head1 EXTENDED METHODS

=over 4

=item prepare_cookies

Will restore if an appropriate cookie is found.

=item finalize_cookies

Will set a cookie called C<session> if it doesn't exist or if it's value is not
the current session id.

=item setup_session

Will set the C<cookie_name> parameter to it's default value if it isn't set.

=back

=head1 CONFIGURATION

=over 4

=item cookie_name

The name of the cookie to store (defaults to C<Catalyst::Utils::apprefix($c) . '_session'>).

=item cookie_domain

The name of the domain to store in the cookie (defaults to current host)

=item cookie_expires

Number of seconds from now you want to elapse before cookie will expire. 
Set to 0 to create a session cookie, ie one which will die when the 
user's browser is shut down.

=item cookie_secure

If this attribute set true, the cookie will only be sent via HTTPS.

=back

=head1 CAVEATS

Sessions have to be created before the first write to be saved. For example:

	sub action : Local {
		my ( $self, $c ) = @_;
		$c->res->write("foo");
		$c->session( ... );
		...
	}

Will cause a session ID to not be set, because by the time a session is
actually created the headers have already been sent to the client.

=head1 SEE ALSO

L<Catalyst>, L<Catalyst::Plugin::Session>.

=head1 AUTHORS

This module is derived from L<Catalyst::Plugin::Session::FastMmap> code, and
has been heavily modified since.

Andrew Ford
Andy Grundman
Christian Hansen
Yuval Kogman, C<nothingmuch@woobling.org>
Marcus Ramberg
Sebastian Riedel

=head1 COPYRIGHT

This program is free software, you can redistribute it and/or modify it
under the same terms as Perl itself.

=cut

1;
Commit	Line	Data
1a776a0c	1	package Catalyst::Plugin::Session::State::Cookie;
1a776a0c	2	use base qw/Catalyst::Plugin::Session::State/;
bf2bce67	3
bf2bce67	4	use strict;
1a776a0c	5	use warnings;
bf2bce67	6
1a776a0c	7	use NEXT;
74586782	8	use Catalyst::Utils ();
bf2bce67	9
00fa6d61	10	our $VERSION = "0.02";
81eb8ebf	11
5e50008f	12	sub setup_session {
20e33791	13	my $c = shift;
5e50008f	14
20e33791	15	$c->NEXT::setup_session(@_);
7022ec4c	16	$c->config->{session}{cookie_name}
7022ec4c	17	\|\|= Catalyst::Utils::appprefix($c) . '_session';
5e50008f	18	}
5e50008f	19
d52e5079	20	sub finalize_cookies {
b2f8df5e	21	my $c = shift;
1a776a0c	22
58730edc	23	if ( $c->sessionid ) {
	24	$c->update_session_cookie( $c->make_session_cookie );
	25	}
db1cda22	26
	27	return $c->NEXT::finalize_cookies(@_);
	28	}
	29
	30	sub update_session_cookie {
58730edc	31	my ( $c, $updated ) = @_;
20e33791	32	my $cookie_name = $c->config->{session}{cookie_name};
58730edc	33	$c->response->cookies->{$cookie_name} = $updated;
db1cda22	34	}
5e50008f	35
db1cda22	36	sub make_session_cookie {
58730edc	37	my $c = shift;
	38
	39	my $cfg = $c->config->{session};
	40	my $cookie = {
	41	value => $c->sessionid,
	42	( $cfg->{cookie_domain} ? ( domain => $cfg->{cookie_domain} ) : () ),
	43	};
	44
1e986fd5	45	$cookie->{expires}=$c->calc_expiry();
1e986fd5	46
fc4b9d6d	47	$cookie->{secure} = 1 if $cfg->{cookie_secure};
fc4b9d6d	48
1e986fd5	49	return $cookie;
	50	}
	51
	52	sub calc_expiry {
	53	my $c=shift;
	54	my $cfg = $c->config->{session};
	55	my $value= $c->NEXT::calc_expiry(@_);
	56	return $value if $value;
58730edc	57	if ( exists $cfg->{cookie_expires} ) {
7022ec4c	58	if ( $cfg->{cookie_expires} > 0 ) {
1e986fd5	59	return time() + $cfg->{cookie_expires};
7022ec4c	60	}
7022ec4c	61	else {
1e986fd5	62	return undef;
7022ec4c	63	}
58730edc	64	}
58730edc	65	else {
1e986fd5	66	return $c->session_expires;
58730edc	67	}
bf2bce67	68	}
bf2bce67	69
1a776a0c	70	sub prepare_cookies {
bf2bce67	71	my $c = shift;
1a776a0c	72
7acb108b	73	my $ret = $c->NEXT::prepare_cookies(@_);
7acb108b	74
20e33791	75	my $cookie_name = $c->config->{session}{cookie_name};
5e50008f	76
5e50008f	77	if ( my $cookie = $c->request->cookies->{$cookie_name} ) {
bf2bce67	78	my $sid = $cookie->value;
	79	$c->sessionid($sid);
	80	$c->log->debug(qq/Found sessionid "$sid" in cookie/) if $c->debug;
	81	}
bf2bce67	82
20e33791	83	return $ret;
bf2bce67	84	}
bf2bce67	85
1a776a0c	86	__PACKAGE__
57dbf608	87
1a776a0c	88	__END__
bf2bce67	89
1a776a0c	90	=pod
b2f8df5e	91
1a776a0c	92	=head1 NAME
bf2bce67	93
75d3560d	94	Catalyst::Plugin::Session::State::Cookie - Maintain session IDs using cookies.
bf2bce67	95
1a776a0c	96	=head1 SYNOPSIS
bf2bce67	97
20e33791	98	use Catalyst qw/Session Session::State::Cookie Session::Store::Foo/;
bf2bce67	99
1a776a0c	100	=head1 DESCRIPTION
bf2bce67	101
1a776a0c	102	In order for L<Catalyst::Plugin::Session> to work the session ID needs to be
1a776a0c	103	stored on the client, and the session data needs to be stored on the server.
bf2bce67	104
1a776a0c	105	This plugin stores the session ID on the client using the cookie mechanism.
57dbf608	106
724a6173	107	=head1 METHODS
	108
	109	=over 4
	110
	111	=item make_session_cookie
	112
	113	Returns a hash reference with the default values for new cookies.
	114
	115	=item update_session_cookie $hash_ref
	116
	117	Sets the cookie based on C<cookie_name> in the response object.
	118
	119	=back
	120
1a776a0c	121	=head1 EXTENDED METHODS
58c05d1a	122
57dbf608	123	=over 4
57dbf608	124
1a776a0c	125	=item prepare_cookies
57dbf608	126
1a776a0c	127	Will restore if an appropriate cookie is found.
58c05d1a	128
d52e5079	129	=item finalize_cookies
58c05d1a	130
19c2baa1	131	Will set a cookie called C<session> if it doesn't exist or if it's value is not
	132	the current session id.
	133
	134	=item setup_session
	135
	136	Will set the C<cookie_name> parameter to it's default value if it isn't set.
58c05d1a	137
57dbf608	138	=back
58c05d1a	139
5e50008f	140	=head1 CONFIGURATION
	141
	142	=over 4
	143
	144	=item cookie_name
	145
ae33e13f	146	The name of the cookie to store (defaults to C<Catalyst::Utils::apprefix($c) . '_session'>).
5e50008f	147
41b4b15c	148	=item cookie_domain
	149
	150	The name of the domain to store in the cookie (defaults to current host)
	151
7022ec4c	152	=item cookie_expires
	153
	154	Number of seconds from now you want to elapse before cookie will expire.
	155	Set to 0 to create a session cookie, ie one which will die when the
	156	user's browser is shut down.
	157
fc4b9d6d	158	=item cookie_secure
	159
	160	If this attribute set true, the cookie will only be sent via HTTPS.
	161
5e50008f	162	=back
5e50008f	163
724a6173	164	=head1 CAVEATS
db1cda22	165
	166	Sessions have to be created before the first write to be saved. For example:
	167
	168	sub action : Local {
	169	my ( $self, $c ) = @_;
	170	$c->res->write("foo");
	171	$c->session( ... );
	172	...
	173	}
	174
	175	Will cause a session ID to not be set, because by the time a session is
	176	actually created the headers have already been sent to the client.
	177
bf2bce67	178	=head1 SEE ALSO
bf2bce67	179
1a776a0c	180	L<Catalyst>, L<Catalyst::Plugin::Session>.
bf2bce67	181
47f47da5	182	=head1 AUTHORS
bf2bce67	183
47f47da5	184	This module is derived from L<Catalyst::Plugin::Session::FastMmap> code, and
	185	has been heavily modified since.
	186
	187	Andrew Ford
	188	Andy Grundman
	189	Christian Hansen
	190	Yuval Kogman, C<nothingmuch@woobling.org>
	191	Marcus Ramberg
	192	Sebastian Riedel
bf2bce67	193
	194	=head1 COPYRIGHT
	195
bfeb5ca0	196	This program is free software, you can redistribute it and/or modify it
bfeb5ca0	197	under the same terms as Perl itself.
bf2bce67	198
	199	=cut
	200
	201	1;