[catagits/Web-Session.git] / lib / Plack / Middleware / Session.pm

package Plack::Middleware::Session;
use strict;
use warnings;

our $VERSION   = '0.03';
our $AUTHORITY = 'cpan:STEVAN';

use Plack::Request;
use Plack::Response;
use Plack::Util;
use Scalar::Util;

use parent 'Plack::Middleware';

use Plack::Util::Accessor qw(
    state
    store
    session_class
);

sub prepare_app {
    my $self = shift;

    $self->state( 'Cookie' ) unless $self->state;
    $self->state( $self->inflate_backend('Plack::Session::State', $self->state) );
    $self->store( $self->inflate_backend('Plack::Session::Store', $self->store) );

    Plack::Util::load_class($self->session_class) if $self->session_class;
}

sub inflate_backend {
    my($self, $prefix, $backend) = @_;

    return $backend if defined $backend && Scalar::Util::blessed $backend;

    my @class;
    push @class, $backend if defined $backend; # undef means the root class
    push @class, $prefix;

    Plack::Util::load_class(@class)->new();
}

sub call {
    my $self = shift;
    my $env  = shift;

    my $request = Plack::Request->new($env);

    my($id, $session) = $self->get_session($request);
    if ($id && $session) {
        $env->{'psgix.session'} = $session;
    } else {
        $id = $self->generate_id($request);
        $env->{'psgix.session'} = {};
    }

    $env->{'psgix.session.options'} = { id => $id };

    if ($self->session_class) {
        $env->{'plack.session'} = $self->session_class->new($env);
    }

    my $res = $self->app->($env);
    $self->response_cb($res, sub {
        my $res = Plack::Response->new(@{$_[0]});
        $self->finalize($request, $res);
        $res = $res->finalize;
        $_[0]->[0] = $res->[0];
        $_[0]->[1] = $res->[1];
    });
}

sub get_session {
    my($self, $request) = @_;

    my $id = $self->state->extract($request) or return;
    my $session = $self->store->fetch($id)   or return;

    return ($id, $session);
}

sub generate_id {
    my($self, $request) = @_;
    $self->state->generate($request);
}

sub commit {
    my($self, $session, $options) = @_;
    if ($options->{expire}) {
        $self->store->cleanup($options->{id});
    } else {
        $self->store->store($options->{id}, $session);
    }
}

sub finalize {
    my($self, $request, $response) = @_;

    my $session = $request->env->{'psgix.session'};
    my $options = $request->env->{'psgix.session.options'};

    $self->commit($session, $options) unless $options->{no_store};
    if ($options->{expire}) {
        $self->expire_session($options->{id}, $response, $session, $options);
    } else {
        $self->save_state($options->{id}, $response, $session, $options);
    }
}

sub expire_session {
    my($self, $id, $res, $session, $options) = @_;
    $self->state->expire_session_id($options->{id}, $res, $options);
}

sub save_state {
    my($self, $id, $res, $session, $options) = @_;
    $self->state->finalize($id, $res, $options);
}

1;

__END__

=pod

=head1 NAME

Plack::Middleware::Session - Middleware for session management

=head1 SYNOPSIS

  use Plack::Builder;

  my $app = sub {
      my $env = shift;
      my $session = $env->{'psgix.session'};
      return [
          200,
          [ 'Content-Type' => 'text/plain' ],
          [ "Hello, you've been here for ", $session->{counter}++, "th time!" ],
      ];
  };

  builder {
      enable 'Session';
      $app;
  };

  # Or, use the File store backend (great if you use multiprocess server)
  # For more options, see perldoc Plack::Session::Store::File
  builder {
      enable 'Session', store => 'File';
      $app;
  };

=head1 DESCRIPTION

This is a Plack Middleware component for session management. By
default it will use cookies to keep session state and store data in
memory. This distribution also comes with other state and store
solutions. See perldoc for these backends how to use them.

It should be noted that we store the current session as a hash
reference in the C<psgix.session> key inside the C<$env> where you can
access it as needed.

B<NOTE:> As of version 0.04 the session is stored in C<psgix.session>
instead of C<plack.session>.

Also, if you set I<session_class> option (see below), we create a
session object out of the hash reference in C<plack.session>.

=head2 State

=over 4

=item L<Plack::Session::State>

This will maintain session state by passing the session through
the request params. It does not do this automatically though,
you are responsible for passing the session param.

=item L<Plack::Session::State::Cookie>

This will maintain session state using browser cookies.

=back

=head2 Store

=over 4

=item L<Plack::Session::Store>

This is your basic in-memory session data store. It is volatile storage
and not recommended for multiprocessing environments. However it is
very useful for development and testing.

=item L<Plack::Session::Store::File>

This will persist session data in a file. By default it uses
L<Storable> but it can be configured to have a custom serializer and
deserializer.

=item L<Plack::Session::Store::Cache>

This will persist session data using the L<Cache> interface.

=item L<Plack::Session::Store::Null>

Sometimes you don't care about storing session data, in that case
you can use this noop module.

=back

=head1 OPTIONS

The following are options that can be passed to this mdoule.

=over 4

=item I<state>

This is expected to be an instance of L<Plack::Session::State> or an
object that implements the same interface. If no option is provided
the default L<Plack::Session::State::Cookie> will be used.

=item I<store>

This is expected to be an instance of L<Plack::Session::Store> or an
object that implements the same interface. If no option is provided
the default L<Plack::Session::Store> will be used.

It should be noted that this default is an in-memory volatile store
is only suitable for development (or single process servers). For a
more robust solution see L<Plack::Session::Store::File> or
L<Plack::Session::Store::Cache>.

=item I<session_class>

This can be used to create an actual session object in
C<plack.session> environment. Defaults to none, which means the
session object is not created but you can set C<Plack::Session> to
create an object for you.

=back

=head1 BUGS

All complex software has bugs lurking in it, and this module is no
exception. If you find a bug please either email me, or add the bug
to cpan-RT.

=head1 AUTHOR

Tatsuhiko Miyagawa

Stevan Little E<lt>stevan.little@iinteractive.comE<gt>

=head1 COPYRIGHT AND LICENSE

Copyright 2009, 2010 Infinity Interactive, Inc.

L<http://www.iinteractive.com>

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.

=cut
Commit	Line	Data
bd992981	1	package Plack::Middleware::Session;
	2	use strict;
	3	use warnings;
	4
000c696e	5	our $VERSION = '0.03';
30cc0a71	6	our $AUTHORITY = 'cpan:STEVAN';
30cc0a71	7
bd992981	8	use Plack::Request;
bd992981	9	use Plack::Response;
ad80e445	10	use Plack::Util;
ad80e445	11	use Scalar::Util;
bd992981	12
	13	use parent 'Plack::Middleware';
	14
d6af4aa8	15	use Plack::Util::Accessor qw(
	16	state
	17	store
	18	session_class
	19	);
bd992981	20
fe1bfe7d	21	sub prepare_app {
fe1bfe7d	22	my $self = shift;
fe1bfe7d	23
4ff41723	24	$self->state( 'Cookie' ) unless $self->state;
ad80e445	25	$self->state( $self->inflate_backend('Plack::Session::State', $self->state) );
ad80e445	26	$self->store( $self->inflate_backend('Plack::Session::Store', $self->store) );
4ff41723	27
4ff41723	28	Plack::Util::load_class($self->session_class) if $self->session_class;
ad80e445	29	}
	30
	31	sub inflate_backend {
	32	my($self, $prefix, $backend) = @_;
	33
	34	return $backend if defined $backend && Scalar::Util::blessed $backend;
	35
	36	my @class;
	37	push @class, $backend if defined $backend; # undef means the root class
	38	push @class, $prefix;
	39
	40	Plack::Util::load_class(@class)->new();
fe1bfe7d	41	}
fe1bfe7d	42
bd992981	43	sub call {
	44	my $self = shift;
	45	my $env = shift;
	46
4ff41723	47	my $request = Plack::Request->new($env);
4ff41723	48
dc556d28	49	my($id, $session) = $self->get_session($request);
dc556d28	50	if ($id && $session) {
4ff41723	51	$env->{'psgix.session'} = $session;
4ff41723	52	} else {
dc556d28	53	$id = $self->generate_id($request);
4ff41723	54	$env->{'psgix.session'} = {};
	55	}
	56
	57	$env->{'psgix.session.options'} = { id => $id };
4a0cb5a0	58
4ff41723	59	if ($self->session_class) {
3bf03fd8	60	$env->{'plack.session'} = $self->session_class->new($env);
4ff41723	61	}
bd992981	62
fe1bfe7d	63	my $res = $self->app->($env);
	64	$self->response_cb($res, sub {
	65	my $res = Plack::Response->new(@{$_[0]});
dc556d28	66	$self->finalize($request, $res);
b2504d01	67	$res = $res->finalize;
	68	$_[0]->[0] = $res->[0];
	69	$_[0]->[1] = $res->[1];
fe1bfe7d	70	});
bd992981	71	}
bd992981	72
dc556d28	73	sub get_session {
	74	my($self, $request) = @_;
	75
	76	my $id = $self->state->extract($request) or return;
	77	my $session = $self->store->fetch($id) or return;
	78
	79	return ($id, $session);
	80	}
	81
	82	sub generate_id {
	83	my($self, $request) = @_;
	84	$self->state->generate($request);
	85	}
	86
4ff41723	87	sub commit {
	88	my($self, $session, $options) = @_;
	89	if ($options->{expire}) {
	90	$self->store->cleanup($options->{id});
	91	} else {
	92	$self->store->store($options->{id}, $session);
	93	}
	94	}
	95
	96	sub finalize {
dc556d28	97	my($self, $request, $response) = @_;
	98
	99	my $session = $request->env->{'psgix.session'};
	100	my $options = $request->env->{'psgix.session.options'};
4ff41723	101
399edae6	102	$self->commit($session, $options) unless $options->{no_store};
98b27b31	103	if ($options->{expire}) {
dc556d28	104	$self->expire_session($options->{id}, $response, $session, $options);
4ff41723	105	} else {
dc556d28	106	$self->save_state($options->{id}, $response, $session, $options);
4ff41723	107	}
	108	}
	109
dc556d28	110	sub expire_session {
	111	my($self, $id, $res, $session, $options) = @_;
	112	$self->state->expire_session_id($options->{id}, $res, $options);
	113	}
	114
	115	sub save_state {
	116	my($self, $id, $res, $session, $options) = @_;
	117	$self->state->finalize($id, $res, $options);
	118	}
	119
bd992981	120	1;
	121
	122	__END__
ac4892f4	123
	124	=pod
	125
	126	=head1 NAME
	127
	128	Plack::Middleware::Session - Middleware for session management
	129
	130	=head1 SYNOPSIS
	131
3d92cf47	132	use Plack::Builder;
ac4892f4	133
3d92cf47	134	my $app = sub {
536da026	135	my $env = shift;
4ff41723	136	my $session = $env->{'psgix.session'};
536da026	137	return [
	138	200,
	139	[ 'Content-Type' => 'text/plain' ],
4ff41723	140	[ "Hello, you've been here for ", $session->{counter}++, "th time!" ],
536da026	141	];
3d92cf47	142	};
	143
	144	builder {
	145	enable 'Session';
	146	$app;
	147	};
	148
ad80e445	149	# Or, use the File store backend (great if you use multiprocess server)
	150	# For more options, see perldoc Plack::Session::Store::File
	151	builder {
	152	enable 'Session', store => 'File';
	153	$app;
	154	};
	155
ac4892f4	156	=head1 DESCRIPTION
ac4892f4	157
3d92cf47	158	This is a Plack Middleware component for session management. By
ad80e445	159	default it will use cookies to keep session state and store data in
	160	memory. This distribution also comes with other state and store
	161	solutions. See perldoc for these backends how to use them.
3d92cf47	162
4ff41723	163	It should be noted that we store the current session as a hash
	164	reference in the C<psgix.session> key inside the C<$env> where you can
	165	access it as needed.
	166
	167	B<NOTE:> As of version 0.04 the session is stored in C<psgix.session>
	168	instead of C<plack.session>.
b84f31d0	169
4ff41723	170	Also, if you set I<session_class> option (see below), we create a
4ff41723	171	session object out of the hash reference in C<plack.session>.
536da026	172
3d92cf47	173	=head2 State
	174
	175	=over 4
	176
	177	=item L<Plack::Session::State>
	178
	179	This will maintain session state by passing the session through
	180	the request params. It does not do this automatically though,
	181	you are responsible for passing the session param.
	182
	183	=item L<Plack::Session::State::Cookie>
	184
	185	This will maintain session state using browser cookies.
	186
	187	=back
	188
	189	=head2 Store
	190
	191	=over 4
	192
	193	=item L<Plack::Session::Store>
	194
	195	This is your basic in-memory session data store. It is volatile storage
	196	and not recommended for multiprocessing environments. However it is
	197	very useful for development and testing.
	198
	199	=item L<Plack::Session::Store::File>
	200
	201	This will persist session data in a file. By default it uses
	202	L<Storable> but it can be configured to have a custom serializer and
	203	deserializer.
	204
20ede533	205	=item L<Plack::Session::Store::Cache>
3d92cf47	206
20ede533	207	This will persist session data using the L<Cache> interface.
3d92cf47	208
	209	=item L<Plack::Session::Store::Null>
	210
	211	Sometimes you don't care about storing session data, in that case
	212	you can use this noop module.
	213
	214	=back
	215
30cc0a71	216	=head1 OPTIONS
	217
	218	The following are options that can be passed to this mdoule.
	219
	220	=over 4
	221
	222	=item I<state>
	223
	224	This is expected to be an instance of L<Plack::Session::State> or an
	225	object that implements the same interface. If no option is provided
	226	the default L<Plack::Session::State::Cookie> will be used.
	227
	228	=item I<store>
	229
	230	This is expected to be an instance of L<Plack::Session::Store> or an
	231	object that implements the same interface. If no option is provided
	232	the default L<Plack::Session::Store> will be used.
	233
	234	It should be noted that this default is an in-memory volatile store
	235	is only suitable for development (or single process servers). For a
	236	more robust solution see L<Plack::Session::Store::File> or
	237	L<Plack::Session::Store::Cache>.
	238
	239	=item I<session_class>
	240
4ff41723	241	This can be used to create an actual session object in
	242	C<plack.session> environment. Defaults to none, which means the
	243	session object is not created but you can set C<Plack::Session> to
	244	create an object for you.
30cc0a71	245
	246	=back
	247
ac4892f4	248	=head1 BUGS
	249
	250	All complex software has bugs lurking in it, and this module is no
	251	exception. If you find a bug please either email me, or add the bug
	252	to cpan-RT.
	253
	254	=head1 AUTHOR
	255
	256	Tatsuhiko Miyagawa
	257
	258	Stevan Little E<lt>stevan.little@iinteractive.comE<gt>
	259
	260	=head1 COPYRIGHT AND LICENSE
	261
000c696e	262	Copyright 2009, 2010 Infinity Interactive, Inc.
ac4892f4	263
	264	L<http://www.iinteractive.com>
	265
	266	This library is free software; you can redistribute it and/or modify
	267	it under the same terms as Perl itself.
	268
	269	=cut
	270
	271