From: Tomas Doran Date: Tue, 6 Oct 2009 20:52:52 +0000 (+0000) Subject: Prep for new release X-Git-Tag: v0.15~2 X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Plugin-Session-State-Cookie.git;a=commitdiff_plain;h=5aca1bddabf268a471f10cf9bfe5004c7f8136d0 Prep for new release --- diff --git a/Changes b/Changes index 397fece..8a08307 100644 --- a/Changes +++ b/Changes @@ -1,5 +1,12 @@ Revision history for Perl extension Catalyst::Plugin::Session::State::Cookie +0.15 2009-10-06 + - Fix the httponly option again (Closes RT##50249). + - Make tests not warn with latest version of Catalyst. + - Prefer session configuration to be in the 'Plugin::Session' + config key, but provide backwards compatibility for the + deprecated 'session' key. + 0.14 2009-08-22 - Allow turning off the httponly option (Closes RT#48930). diff --git a/Makefile.PL b/Makefile.PL index beaba1a..fd19e82 100644 --- a/Makefile.PL +++ b/Makefile.PL @@ -14,4 +14,9 @@ test_requires 'Test::More'; auto_install; resources repository => 'http://dev.catalyst.perl.org/repos/Catalyst/trunk/Catalyst-Plugin-Session-State-Cookie/'; +if ($Module::Install::AUTHOR) { + system("pod2text lib/Catalyst/Plugin/Session/State/Cookie.pm > README") + and die; +} + WriteAll; diff --git a/README b/README deleted file mode 100644 index 3fdd2db..0000000 --- a/README +++ /dev/null @@ -1,94 +0,0 @@ -NAME - Catalyst::Plugin::Session::State::Cookie - Maintain session IDs using - cookies. - -SYNOPSIS - use Catalyst qw/Session Session::State::Cookie Session::Store::Foo/; - -DESCRIPTION - In order for Catalyst::Plugin::Session to work the session ID needs to - be stored on the client, and the session data needs to be stored on the - server. - - This plugin stores the session ID on the client using the cookie - mechanism. - -METHODS - make_session_cookie - Returns a hash reference with the default values for new cookies. - - update_session_cookie $hash_ref - Sets the cookie based on "cookie_name" in the response object. - - calc_expiry - calculate_session_cookie_expires - cookie_is_rejecting - delete_session_id - extend_session_id - get_session_cookie - get_session_id - set_session_id - -EXTENDED METHODS - prepare_cookies - Will restore if an appropriate cookie is found. - - finalize_cookies - Will set a cookie called "session" if it doesn't exist or if it's - value is not the current session id. - - setup_session - Will set the "cookie_name" parameter to it's default value if it - isn't set. - -CONFIGURATION - cookie_name - The name of the cookie to store (defaults to - "Catalyst::Utils::apprefix($c) . '_session'"). - - cookie_domain - The name of the domain to store in the cookie (defaults to current - host) - - cookie_expires - Number of seconds from now you want to elapse before cookie will - expire. Set to 0 to create a session cookie, ie one which will die - when the user's browser is shut down. - - cookie_secure - If this attribute set true, the cookie will only be sent via HTTPS. - - cookie_path - The path of the request url where cookie should be baked. - -CAVEATS - Sessions have to be created before the first write to be saved. For - example: - - sub action : Local { - my ( $self, $c ) = @_; - $c->res->write("foo"); - $c->session( ... ); - ... - } - - Will cause a session ID to not be set, because by the time a session is - actually created the headers have already been sent to the client. - -SEE ALSO - Catalyst, Catalyst::Plugin::Session. - -AUTHORS - Yuval Kogman - -CONTRIBUTORS - This module is derived from Catalyst::Plugin::Session::FastMmap code, - and has been heavily modified since. - - Andrew Ford Andy Grundman Christian Hansen Marcus Ramberg Jonathan - Rockway Sebastian Riedel - -COPYRIGHT - This program is free software, you can redistribute it and/or modify it - under the same terms as Perl itself. - diff --git a/lib/Catalyst/Plugin/Session/State/Cookie.pm b/lib/Catalyst/Plugin/Session/State/Cookie.pm index 8d32081..e6ee517 100644 --- a/lib/Catalyst/Plugin/Session/State/Cookie.pm +++ b/lib/Catalyst/Plugin/Session/State/Cookie.pm @@ -7,16 +7,24 @@ extends 'Catalyst::Plugin::Session::State'; use MRO::Compat; use Catalyst::Utils (); -our $VERSION = "0.14"; +our $VERSION = "0.15"; has _deleted_session_id => ( is => 'rw' ); +# FIXME - Can go away when we dep on new Session.. +sub _session_plugin_config { + my $c = shift; + my $key = $c->config->{'Plugin::Session'} ? + 'Plugin::Session' : 'session'; + $c->config->{$key} ||= {}; +} + sub setup_session { my $c = shift; $c->maybe::next::method(@_); - $c->config->{session}{cookie_name} + $c->_session_plugin_config->{cookie_name} ||= Catalyst::Utils::appprefix($c) . '_session'; } @@ -42,7 +50,7 @@ sub update_session_cookie { my ( $c, $updated ) = @_; unless ( $c->cookie_is_rejecting( $updated ) ) { - my $cookie_name = $c->config->{session}{cookie_name}; + my $cookie_name = $c->_session_plugin_config->{cookie_name}; $c->response->cookies->{$cookie_name} = $updated; } } @@ -60,7 +68,7 @@ sub cookie_is_rejecting { sub make_session_cookie { my ( $c, $sid, %attrs ) = @_; - my $cfg = $c->config->{session}; + my $cfg = $c->_session_plugin_config; my $cookie = { value => $sid, ( $cfg->{cookie_domain} ? ( domain => $cfg->{cookie_domain} ) : () ), @@ -77,8 +85,9 @@ sub make_session_cookie { $cookie->{secure} = 1 unless ( ($sec==0) || ($sec==2) ); $cookie->{secure} = 1 if ( ($sec==2) && $c->req->secure ); + $cookie->{httponly} = $cfg->{cookie_httponly}; $cookie->{httponly} = 1 - unless exists $cookie->{httponly}; # default = 1 (set httponly) + unless defined $cookie->{httponly}; # default = 1 (set httponly) return $cookie; } @@ -90,7 +99,7 @@ sub calc_expiry { # compat sub calculate_session_cookie_expires { my $c = shift; - my $cfg = $c->config->{session}; + my $cfg = $c->_session_plugin_config; my $value = $c->maybe::next::method(@_); return $value if $value; @@ -111,7 +120,7 @@ sub calculate_session_cookie_expires { sub get_session_cookie { my $c = shift; - my $cookie_name = $c->config->{session}{cookie_name}; + my $cookie_name = $c->_session_plugin_config->{cookie_name}; return $c->request->cookies->{$cookie_name}; } @@ -265,7 +274,7 @@ The path of the request url where cookie should be baked. For example, you could stick this in MyApp.pm: - __PACKAGE__->config( session => { + __PACKAGE__->config( 'Plugin::Session' => { cookie_domain => '.mydomain.com', }); diff --git a/t/lib/CookieTestApp.pm b/t/lib/CookieTestApp.pm index 15fdeab..55703f6 100644 --- a/t/lib/CookieTestApp.pm +++ b/t/lib/CookieTestApp.pm @@ -1,34 +1,17 @@ package # Hide from PAUSE CookieTestApp; +use strict; +use warnings; + +use base qw/Catalyst/; use Catalyst qw/ Session Session::Store::Dummy Session::State::Cookie /; -__PACKAGE__->config->{session} = { cookie_secure => 2 }; - -sub page : Local { - my ( $self, $c ) = @_; - $c->res->body( "Hi! hit number " . ++$c->session->{counter} ); -} - -sub stream : Local { - my ( $self, $c ) = @_; - my $count = ++$c->session->{counter}; - $c->res->write("hit number "); - $c->res->write($count); -} - -sub deleteme : Local { - my ( $self, $c ) = @_; - my $id = $c->get_session_id; - $c->delete_session; - my $id2 = $c->get_session_id; - $c->res->body( $id ne ( $id2 || '' ) ); -} +__PACKAGE__->config('Plugin::Session' => { cookie_secure => 2 }); __PACKAGE__->setup; 1; - diff --git a/t/lib/CookieTestApp/Controller/Root.pm b/t/lib/CookieTestApp/Controller/Root.pm new file mode 100644 index 0000000..827ac90 --- /dev/null +++ b/t/lib/CookieTestApp/Controller/Root.pm @@ -0,0 +1,30 @@ +package # PAUSE HIDE + CookieTestApp::Controller::Root; +use strict; +use warnings; + +use base qw/Catalyst::Controller/; + +__PACKAGE__->config( namespace => '' ); + +sub page : Local { + my ( $self, $c ) = @_; + $c->res->body( "Hi! hit number " . ++$c->session->{counter} ); +} + +sub stream : Local { + my ( $self, $c ) = @_; + my $count = ++$c->session->{counter}; + $c->res->write("hit number "); + $c->res->write($count); +} + +sub deleteme : Local { + my ( $self, $c ) = @_; + my $id = $c->get_session_id; + $c->delete_session; + my $id2 = $c->get_session_id; + $c->res->body( $id ne ( $id2 || '' ) ); +} + +1;