[catagits/Web-Session.git] / lib / Plack / Middleware / Session.pm

package Plack::Middleware::Session;
use strict;
use warnings;

our $VERSION   = '0.13';
our $AUTHORITY = 'cpan:STEVAN';

use Plack::Util;
use Scalar::Util;

use parent 'Plack::Middleware';

use Plack::Util::Accessor qw(
    state
    store
);

sub prepare_app {
    my $self = shift;

    $self->state( 'Cookie' ) unless $self->state;
    $self->state( $self->inflate_backend('Plack::Session::State', $self->state) );
    $self->store( $self->inflate_backend('Plack::Session::Store', $self->store) );
}

sub inflate_backend {
    my($self, $prefix, $backend) = @_;

    return $backend if defined $backend && Scalar::Util::blessed $backend;

    my @class;
    push @class, $backend if defined $backend; # undef means the root class
    push @class, $prefix;

    Plack::Util::load_class(@class)->new();
}

sub call {
    my $self = shift;
    my $env  = shift;

    my($id, $session) = $self->get_session($env);
    if ($id && $session) {
        $env->{'psgix.session'} = $session;
    } else {
        $id = $self->generate_id($env);
        $env->{'psgix.session'} = {};
    }

    $env->{'psgix.session.options'} = { id => $id };

    my $res = $self->app->($env);
    $self->response_cb($res, sub { $self->finalize($env, $_[0]) });
}

sub get_session {
    my($self, $env) = @_;

    my $id = $self->state->extract($env)   or return;
    my $session = $self->store->fetch($id) or return;

    return ($id, $session);
}

sub generate_id {
    my($self, $env) = @_;
    $self->state->generate($env);
}

sub commit {
    my($self, $env) = @_;

    my $session = $env->{'psgix.session'};
    my $options = $env->{'psgix.session.options'};

    if ($options->{expire}) {
        $self->store->remove($options->{id});
    } elsif ($options->{change_id}) {
        $self->store->remove($options->{id});
        $options->{id} = $self->generate_id($env);
        $self->store->store($options->{id}, $session);
    } else {
        $self->store->store($options->{id}, $session);
    }
}

sub finalize {
    my($self, $env, $res) = @_;

    my $session = $env->{'psgix.session'};
    my $options = $env->{'psgix.session.options'};

    $self->commit($env) unless $options->{no_store};
    if ($options->{expire}) {
        $self->expire_session($options->{id}, $res, $env);
    } else {
        $self->save_state($options->{id}, $res, $env);
    }
}

sub expire_session {
    my($self, $id, $res, $env) = @_;
    $self->state->expire_session_id($id, $res, $env->{'psgix.session.options'});
}

sub save_state {
    my($self, $id, $res, $env) = @_;
    $self->state->finalize($id, $res, $env->{'psgix.session.options'});
}

1;

__END__

=pod

=head1 NAME

Plack::Middleware::Session - Middleware for session management

=head1 SYNOPSIS

  use Plack::Builder;

  my $app = sub {
      my $env = shift;
      my $session = $env->{'psgix.session'};
      return [
          200,
          [ 'Content-Type' => 'text/plain' ],
          [ "Hello, you've been here for ", $session->{counter}++, "th time!" ],
      ];
  };

  builder {
      enable 'Session';
      $app;
  };

  # Or, use the File store backend (great if you use multiprocess server)
  # For more options, see perldoc Plack::Session::Store::File
  builder {
      enable 'Session', store => 'File';
      $app;
  };

=head1 DESCRIPTION

This is a Plack Middleware component for session management. By
default it will use cookies to keep session state and store data in
memory. This distribution also comes with other state and store
solutions. See perldoc for these backends how to use them.

It should be noted that we store the current session as a hash
reference in the C<psgix.session> key inside the C<$env> where you can
access it as needed.

B<NOTE:> As of version 0.04 the session is stored in C<psgix.session>
instead of C<plack.session>.

=head2 State

=over 4

=item L<Plack::Session::State>

This will maintain session state by passing the session through
the request params. It does not do this automatically though,
you are responsible for passing the session param.

=item L<Plack::Session::State::Cookie>

This will maintain session state using browser cookies.

=back

=head2 Store

=over 4

=item L<Plack::Session::Store>

This is your basic in-memory session data store. It is volatile storage
and not recommended for multiprocessing environments. However it is
very useful for development and testing.

=item L<Plack::Session::Store::File>

This will persist session data in a file. By default it uses
L<Storable> but it can be configured to have a custom serializer and
deserializer.

=item L<Plack::Session::Store::Cache>

This will persist session data using the L<Cache> interface.

=item L<Plack::Session::Store::Null>

Sometimes you don't care about storing session data, in that case
you can use this noop module.

=back

=head1 OPTIONS

The following are options that can be passed to this module.

=over 4

=item I<state>

This is expected to be an instance of L<Plack::Session::State> or an
object that implements the same interface. If no option is provided
the default L<Plack::Session::State::Cookie> will be used.

=item I<store>

This is expected to be an instance of L<Plack::Session::Store> or an
object that implements the same interface. If no option is provided
the default L<Plack::Session::Store> will be used.

It should be noted that this default is an in-memory volatile store
is only suitable for development (or single process servers). For a
more robust solution see L<Plack::Session::Store::File> or
L<Plack::Session::Store::Cache>.

=back

=head1 BUGS

All complex software has bugs lurking in it, and this module is no
exception. If you find a bug please either email me, or add the bug
to cpan-RT.

=head1 AUTHOR

Tatsuhiko Miyagawa

Stevan Little E<lt>stevan.little@iinteractive.comE<gt>

=head1 COPYRIGHT AND LICENSE

Copyright 2009, 2010 Infinity Interactive, Inc.

L<http://www.iinteractive.com>

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.

=cut
Commit	Line	Data
bd992981	1	package Plack::Middleware::Session;
	2	use strict;
	3	use warnings;
	4
c9cdee23	5	our $VERSION = '0.13';
30cc0a71	6	our $AUTHORITY = 'cpan:STEVAN';
30cc0a71	7
ad80e445	8	use Plack::Util;
ad80e445	9	use Scalar::Util;
bd992981	10
	11	use parent 'Plack::Middleware';
	12
d6af4aa8	13	use Plack::Util::Accessor qw(
	14	state
	15	store
d6af4aa8	16	);
bd992981	17
fe1bfe7d	18	sub prepare_app {
fe1bfe7d	19	my $self = shift;
fe1bfe7d	20
4ff41723	21	$self->state( 'Cookie' ) unless $self->state;
ad80e445	22	$self->state( $self->inflate_backend('Plack::Session::State', $self->state) );
	23	$self->store( $self->inflate_backend('Plack::Session::Store', $self->store) );
	24	}
	25
	26	sub inflate_backend {
	27	my($self, $prefix, $backend) = @_;
	28
	29	return $backend if defined $backend && Scalar::Util::blessed $backend;
	30
	31	my @class;
	32	push @class, $backend if defined $backend; # undef means the root class
	33	push @class, $prefix;
	34
	35	Plack::Util::load_class(@class)->new();
fe1bfe7d	36	}
fe1bfe7d	37
bd992981	38	sub call {
	39	my $self = shift;
	40	my $env = shift;
	41
92edbddf	42	my($id, $session) = $self->get_session($env);
dc556d28	43	if ($id && $session) {
4ff41723	44	$env->{'psgix.session'} = $session;
4ff41723	45	} else {
92edbddf	46	$id = $self->generate_id($env);
4ff41723	47	$env->{'psgix.session'} = {};
	48	}
	49
	50	$env->{'psgix.session.options'} = { id => $id };
4a0cb5a0	51
fe1bfe7d	52	my $res = $self->app->($env);
92edbddf	53	$self->response_cb($res, sub { $self->finalize($env, $_[0]) });
bd992981	54	}
bd992981	55
dc556d28	56	sub get_session {
92edbddf	57	my($self, $env) = @_;
dc556d28	58
92edbddf	59	my $id = $self->state->extract($env) or return;
92edbddf	60	my $session = $self->store->fetch($id) or return;
dc556d28	61
	62	return ($id, $session);
	63	}
	64
	65	sub generate_id {
92edbddf	66	my($self, $env) = @_;
92edbddf	67	$self->state->generate($env);
dc556d28	68	}
dc556d28	69
4ff41723	70	sub commit {
7518e927	71	my($self, $env) = @_;
	72
	73	my $session = $env->{'psgix.session'};
	74	my $options = $env->{'psgix.session.options'};
	75
4ff41723	76	if ($options->{expire}) {
08b2e16d	77	$self->store->remove($options->{id});
0d826d0e	78	} elsif ($options->{change_id}) {
	79	$self->store->remove($options->{id});
	80	$options->{id} = $self->generate_id($env);
	81	$self->store->store($options->{id}, $session);
4ff41723	82	} else {
	83	$self->store->store($options->{id}, $session);
	84	}
	85	}
	86
	87	sub finalize {
92edbddf	88	my($self, $env, $res) = @_;
dc556d28	89
7518e927	90	my $session = $env->{'psgix.session'};
7518e927	91	my $options = $env->{'psgix.session.options'};
4ff41723	92
7518e927	93	$self->commit($env) unless $options->{no_store};
98b27b31	94	if ($options->{expire}) {
92edbddf	95	$self->expire_session($options->{id}, $res, $env);
4ff41723	96	} else {
92edbddf	97	$self->save_state($options->{id}, $res, $env);
4ff41723	98	}
	99	}
	100
dc556d28	101	sub expire_session {
7518e927	102	my($self, $id, $res, $env) = @_;
7518e927	103	$self->state->expire_session_id($id, $res, $env->{'psgix.session.options'});
dc556d28	104	}
	105
	106	sub save_state {
7518e927	107	my($self, $id, $res, $env) = @_;
7518e927	108	$self->state->finalize($id, $res, $env->{'psgix.session.options'});
dc556d28	109	}
dc556d28	110
bd992981	111	1;
	112
	113	__END__
ac4892f4	114
	115	=pod
	116
	117	=head1 NAME
	118
	119	Plack::Middleware::Session - Middleware for session management
	120
	121	=head1 SYNOPSIS
	122
3d92cf47	123	use Plack::Builder;
ac4892f4	124
3d92cf47	125	my $app = sub {
536da026	126	my $env = shift;
4ff41723	127	my $session = $env->{'psgix.session'};
536da026	128	return [
	129	200,
	130	[ 'Content-Type' => 'text/plain' ],
4ff41723	131	[ "Hello, you've been here for ", $session->{counter}++, "th time!" ],
536da026	132	];
3d92cf47	133	};
	134
	135	builder {
	136	enable 'Session';
	137	$app;
	138	};
	139
ad80e445	140	# Or, use the File store backend (great if you use multiprocess server)
	141	# For more options, see perldoc Plack::Session::Store::File
	142	builder {
	143	enable 'Session', store => 'File';
	144	$app;
	145	};
	146
ac4892f4	147	=head1 DESCRIPTION
ac4892f4	148
3d92cf47	149	This is a Plack Middleware component for session management. By
ad80e445	150	default it will use cookies to keep session state and store data in
	151	memory. This distribution also comes with other state and store
	152	solutions. See perldoc for these backends how to use them.
3d92cf47	153
4ff41723	154	It should be noted that we store the current session as a hash
	155	reference in the C<psgix.session> key inside the C<$env> where you can
	156	access it as needed.
	157
	158	B<NOTE:> As of version 0.04 the session is stored in C<psgix.session>
	159	instead of C<plack.session>.
b84f31d0	160
3d92cf47	161	=head2 State
	162
	163	=over 4
	164
	165	=item L<Plack::Session::State>
	166
	167	This will maintain session state by passing the session through
	168	the request params. It does not do this automatically though,
	169	you are responsible for passing the session param.
	170
	171	=item L<Plack::Session::State::Cookie>
	172
	173	This will maintain session state using browser cookies.
	174
	175	=back
	176
	177	=head2 Store
	178
	179	=over 4
	180
	181	=item L<Plack::Session::Store>
	182
	183	This is your basic in-memory session data store. It is volatile storage
	184	and not recommended for multiprocessing environments. However it is
	185	very useful for development and testing.
	186
	187	=item L<Plack::Session::Store::File>
	188
	189	This will persist session data in a file. By default it uses
	190	L<Storable> but it can be configured to have a custom serializer and
	191	deserializer.
	192
20ede533	193	=item L<Plack::Session::Store::Cache>
3d92cf47	194
20ede533	195	This will persist session data using the L<Cache> interface.
3d92cf47	196
	197	=item L<Plack::Session::Store::Null>
	198
	199	Sometimes you don't care about storing session data, in that case
	200	you can use this noop module.
	201
	202	=back
	203
30cc0a71	204	=head1 OPTIONS
30cc0a71	205
eb14af1e	206	The following are options that can be passed to this module.
30cc0a71	207
	208	=over 4
	209
	210	=item I<state>
	211
	212	This is expected to be an instance of L<Plack::Session::State> or an
	213	object that implements the same interface. If no option is provided
	214	the default L<Plack::Session::State::Cookie> will be used.
	215
	216	=item I<store>
	217
	218	This is expected to be an instance of L<Plack::Session::Store> or an
	219	object that implements the same interface. If no option is provided
	220	the default L<Plack::Session::Store> will be used.
	221
	222	It should be noted that this default is an in-memory volatile store
	223	is only suitable for development (or single process servers). For a
	224	more robust solution see L<Plack::Session::Store::File> or
	225	L<Plack::Session::Store::Cache>.
	226
30cc0a71	227	=back
30cc0a71	228
ac4892f4	229	=head1 BUGS
	230
	231	All complex software has bugs lurking in it, and this module is no
	232	exception. If you find a bug please either email me, or add the bug
	233	to cpan-RT.
	234
	235	=head1 AUTHOR
	236
	237	Tatsuhiko Miyagawa
	238
	239	Stevan Little E<lt>stevan.little@iinteractive.comE<gt>
	240
	241	=head1 COPYRIGHT AND LICENSE
	242
000c696e	243	Copyright 2009, 2010 Infinity Interactive, Inc.
ac4892f4	244
	245	L<http://www.iinteractive.com>
	246
	247	This library is free software; you can redistribute it and/or modify
	248	it under the same terms as Perl itself.
	249
	250	=cut
	251
	252