X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Plugin-Session-State-Cookie.git;a=blobdiff_plain;f=lib%2FCatalyst%2FPlugin%2FSession%2FState%2FCookie.pm;h=cd2b8bee0122af536351b30417fb558d1de459c2;hp=54ec5b58d4bda36aa2796760680dfe8cde9f0edd;hb=2cfb85de2edccd6dacf467944752108b53d537b8;hpb=458ed7d4b764cb9def36fddb845581713cb10f4e diff --git a/lib/Catalyst/Plugin/Session/State/Cookie.pm b/lib/Catalyst/Plugin/Session/State/Cookie.pm index 54ec5b5..cd2b8be 100644 --- a/lib/Catalyst/Plugin/Session/State/Cookie.pm +++ b/lib/Catalyst/Plugin/Session/State/Cookie.pm @@ -1,5 +1,5 @@ package Catalyst::Plugin::Session::State::Cookie; -use base qw/Catalyst::Plugin::Session::State/; +use base qw/Catalyst::Plugin::Session::State Class::Accessor::Fast/; use strict; use warnings; @@ -7,7 +7,9 @@ use warnings; use NEXT; use Catalyst::Utils (); -our $VERSION = "0.03"; +our $VERSION = "0.08"; + +BEGIN { __PACKAGE__->mk_accessors(qw/_deleted_session_id/) } sub setup_session { my $c = shift; @@ -25,7 +27,7 @@ sub extend_session_id { $c->update_session_cookie( $c->make_session_cookie( $sid ) ); } - $c->NEXT::extend_session_id( @_ ); + $c->NEXT::extend_session_id( $sid, $expires ); } sub set_session_id { @@ -33,13 +35,26 @@ sub set_session_id { $c->update_session_cookie( $c->make_session_cookie( $sid ) ); - return $c->NEXT::set_session_id(@_); + return $c->NEXT::set_session_id($sid); } sub update_session_cookie { my ( $c, $updated ) = @_; - my $cookie_name = $c->config->{session}{cookie_name}; - $c->response->cookies->{$cookie_name} = $updated; + + unless ( $c->cookie_is_rejecting( $updated ) ) { + my $cookie_name = $c->config->{session}{cookie_name}; + $c->response->cookies->{$cookie_name} = $updated; + } +} + +sub cookie_is_rejecting { + my ( $c, $cookie ) = @_; + + if ( $cookie->{path} ) { + return 1 if index '/'.$c->request->path, $cookie->{path}; + } + + return 0; } sub make_session_cookie { 
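Review bot: The check in `cookie_is_rejecting` is a plain string-prefix test, so a `cookie_path` of `/app` also accepts a request for `/application`, whereas browsers match cookie paths on a `/` boundary. The bare `return 1 if index ...` is also hard to read, because it relies on `index` returning 0 for a match at the start and -1 or a positive offset otherwise. Writing it as `return 1 if index( '/' . $c->request->path, $cookie->{path} ) != 0;` with a comment such as `# reject unless the cookie path is a prefix of the request path` makes the intent explicit. If `$c->request->path` is relative to the application base, as it usually is in Catalyst, an application mounted below `/` would compare against the wrong string; that is worth confirming.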
@@ -49,6 +64,7 @@ sub make_session_cookie { my $cookie = { value => $sid, ( $cfg->{cookie_domain} ? ( domain => $cfg->{cookie_domain} ) : () ), + ( $cfg->{cookie_path} ? ( path => $cfg->{cookie_path} ) : () ), %attrs, }; @@ -97,7 +113,7 @@ sub get_session_cookie { sub get_session_id { my $c = shift; - if ( my $cookie = $c->get_session_cookie ) { + if ( !$c->_deleted_session_id and my $cookie = $c->get_session_cookie ) { my $sid = $cookie->value; $c->log->debug(qq/Found sessionid "$sid" in cookie/) if $c->debug; return $sid if $sid; @@ -108,6 +124,8 @@ sub get_session_id { sub delete_session_id { my ( $c, $sid ) = @_; + + $c->_deleted_session_id(1); # to prevent get_session_id from returning it $c->update_session_cookie( $c->make_session_cookie( $sid, expires => 0 ) ); @@ -147,6 +165,22 @@ Returns a hash reference with the default values for new cookies. Sets the cookie based on C in the response object. +=item calc_expiry + +=item calculate_session_cookie_expires + +=item cookie_is_rejecting + +=item delete_session_id + +=item extend_session_id + +=item get_session_cookie + +=item get_session_id + +=item set_session_id + =back =head1 EXTENDED METHODS @@ -190,6 +224,10 @@ user's browser is shut down. If this attribute set true, the cookie will only be sent via HTTPS. +=item cookie_path + +The path of the request url where cookie should be baked. + =back =head1 CAVEATS @@ -220,6 +258,7 @@ Andy Grundman Christian Hansen Yuval Kogman, C Marcus Ramberg +Jonathan Rockway, C Sebastian Riedel =head1 COPYRIGHT
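Review bot: `cookie_path` is copied into the cookie in `make_session_cookie` without validation, and because `%attrs` follows it in the hash, a caller-supplied `path` silently replaces the configured one. A configured value without a leading `/` can never be a prefix of `'/'.$c->request->path` in `cookie_is_rejecting`, so the session cookie would never be set and nothing would report why. A setup-time check such as `die "cookie_path must start with /" if $cfg->{cookie_path} && $cfg->{cookie_path} !~ m{\A/};` would catch that. The POD entry for `cookie_path` could also say that the path only narrows where the browser sends the cookie and does not isolate applications sharing a host. The body of `make_session_cookie` starts and ends outside this hunk.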
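Review bot: The expiry cookie in `delete_session_id` goes through `update_session_cookie`, which after this commit drops the cookie when the request path is outside `cookie_path`, so deleting a session from such a URL leaves the cookie in the browser with no log entry. Whether the server-side session is invalidated is not visible in this diff; if it is not, the old ID stays usable. Consider writing the expiry cookie unconditionally here, `$c->response->cookies->{ $c->config->{session}{cookie_name} } = $c->make_session_cookie( $sid, expires => 0 );`, or at least logging the skipped update under `$c->debug`. The rest of `delete_session_id` lies outside the hunk.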