Hideo Kimura++'s cookie_secure patch

[catagits/Catalyst-Plugin-Session-State-Cookie.git] / lib / Catalyst / Plugin / Session / State / Cookie.pm

diff --git a/lib/Catalyst/Plugin/Session/State/Cookie.pm b/lib/Catalyst/Plugin/Session/State/Cookie.pm
index 23402db..5319500 100644 (file)
--- a/lib/Catalyst/Plugin/Session/State/Cookie.pm
+++ b/lib/Catalyst/Plugin/Session/State/Cookie.pm
@@ -5,6 +5,7 @@ use strict;
 use warnings;
 
 use NEXT;
+use Catalyst::Utils ();
 
 our $VERSION = "0.02";
 
@@ -41,20 +42,29 @@ sub make_session_cookie {
         ( $cfg->{cookie_domain} ? ( domain => $cfg->{cookie_domain} ) : () ),
     };
 
+    $cookie->{expires}=$c->calc_expiry();
+
+    $cookie->{secure} = 1 if $cfg->{cookie_secure};
+
+    return $cookie;
+}
+
+sub calc_expiry {
+    my $c=shift;
+    my $cfg    = $c->config->{session};
+    my $value= $c->NEXT::calc_expiry(@_);
+    return $value if $value;
     if ( exists $cfg->{cookie_expires} ) {
         if ( $cfg->{cookie_expires} > 0 ) {
-            $cookie->{expires} = time() + $cfg->{cookie_expires};
+            return time() + $cfg->{cookie_expires};
         }
         else {
-            $cookie->{expires} = undef;
+            return undef;
         }
     }
     else {
-        # XXX: FIXME, Session dropped __expires
-        $cookie->{expires} = $c->session->{__expires};
+       return $c->session_expires;
     }
-
-    return $cookie;
 }
 
 sub prepare_cookies {
@@ -81,7 +91,7 @@ __END__
 
 =head1 NAME
 
-Catalyst::Plugin::Session::State::Cookie - A session ID 
+Catalyst::Plugin::Session::State::Cookie - Maintain session IDs using cookies.
 
 =head1 SYNOPSIS
 
@@ -145,6 +155,10 @@ Number of seconds from now you want to elapse before cookie will expire.
 Set to 0 to create a session cookie, ie one which will die when the 
 user's browser is shut down.
 
+=item cookie_secure
+
+If this attribute set true, the cookie will only be sent via HTTPS.
+
 =back
 
 =head1 CAVEATS