1 package Plack::Middleware::Session;
6 our $AUTHORITY = 'cpan:STEVAN';
11 use parent 'Plack::Middleware';
13 use Plack::Util::Accessor qw(
21 $self->state( 'Cookie' ) unless $self->state;
22 $self->state( $self->inflate_backend('Plack::Session::State', $self->state) );
23 $self->store( $self->inflate_backend('Plack::Session::Store', $self->store) );
27 my($self, $prefix, $backend) = @_;
29 return $backend if defined $backend && Scalar::Util::blessed $backend;
32 push @class, $backend if defined $backend; # undef means the root class
35 Plack::Util::load_class(@class)->new();
42 my($id, $session) = $self->get_session($env);
43 if ($id && $session) {
44 $env->{'psgix.session'} = $session;
46 $id = $self->generate_id($env);
47 $env->{'psgix.session'} = {};
50 $env->{'psgix.session.options'} = { id => $id };
52 my $res = $self->app->($env);
53 $self->response_cb($res, sub { $self->finalize($env, $_[0]) });
59 my $id = $self->state->extract($env) or return;
60 my $session = $self->store->fetch($id) or return;
62 return ($id, $session);
67 $self->state->generate($env);
73 my $session = $env->{'psgix.session'};
74 my $options = $env->{'psgix.session.options'};
76 if ($options->{expire}) {
77 $self->store->remove($options->{id});
78 } elsif ($options->{change_id}) {
79 $self->store->remove($options->{id});
80 $options->{id} = $self->generate_id($env);
81 $self->store->store($options->{id}, $session);
83 $self->store->store($options->{id}, $session);
88 my($self, $env, $res) = @_;
90 my $session = $env->{'psgix.session'};
91 my $options = $env->{'psgix.session.options'};
93 $self->commit($env) unless $options->{no_store};
94 if ($options->{expire}) {
95 $self->expire_session($options->{id}, $res, $env);
97 $self->save_state($options->{id}, $res, $env);
102 my($self, $id, $res, $env) = @_;
103 $self->state->expire_session_id($id, $res, $env->{'psgix.session.options'});
107 my($self, $id, $res, $env) = @_;
108 $self->state->finalize($id, $res, $env->{'psgix.session.options'});
119 Plack::Middleware::Session - Middleware for session management
127 my $session = $env->{'psgix.session'};
130 [ 'Content-Type' => 'text/plain' ],
131 [ "Hello, you've been here for ", $session->{counter}++, "th time!" ],
140 # Or, use the File store backend (great if you use multiprocess server)
141 # For more options, see perldoc Plack::Session::Store::File
143 enable 'Session', store => 'File';
149 This is a Plack Middleware component for session management. By
150 default it will use cookies to keep session state and store data in
151 memory. This distribution also comes with other state and store
152 solutions. See perldoc for these backends how to use them.
154 It should be noted that we store the current session as a hash
155 reference in the C<psgix.session> key inside the C<$env> where you can
158 B<NOTE:> As of version 0.04 the session is stored in C<psgix.session>
159 instead of C<plack.session>.
165 =item L<Plack::Session::State>
167 This will maintain session state by passing the session through
168 the request params. It does not do this automatically though,
169 you are responsible for passing the session param.
171 =item L<Plack::Session::State::Cookie>
173 This will maintain session state using browser cookies.
181 =item L<Plack::Session::Store>
183 This is your basic in-memory session data store. It is volatile storage
184 and not recommended for multiprocessing environments. However it is
185 very useful for development and testing.
187 =item L<Plack::Session::Store::File>
189 This will persist session data in a file. By default it uses
190 L<Storable> but it can be configured to have a custom serializer and
193 =item L<Plack::Session::Store::Cache>
195 This will persist session data using the L<Cache> interface.
197 =item L<Plack::Session::Store::Null>
199 Sometimes you don't care about storing session data, in that case
200 you can use this noop module.
206 The following are options that can be passed to this module.
212 This is expected to be an instance of L<Plack::Session::State> or an
213 object that implements the same interface. If no option is provided
214 the default L<Plack::Session::State::Cookie> will be used.
218 This is expected to be an instance of L<Plack::Session::Store> or an
219 object that implements the same interface. If no option is provided
220 the default L<Plack::Session::Store> will be used.
222 It should be noted that this default is an in-memory volatile store
223 is only suitable for development (or single process servers). For a
224 more robust solution see L<Plack::Session::Store::File> or
225 L<Plack::Session::Store::Cache>.
231 All complex software has bugs lurking in it, and this module is no
232 exception. If you find a bug please either email me, or add the bug
239 Stevan Little E<lt>stevan.little@iinteractive.comE<gt>
241 =head1 COPYRIGHT AND LICENSE
243 Copyright 2009, 2010 Infinity Interactive, Inc.
245 L<http://www.iinteractive.com>
247 This library is free software; you can redistribute it and/or modify
248 it under the same terms as Perl itself.