1 package Plack::Middleware::Session;
6 our $AUTHORITY = 'cpan:STEVAN';
13 use parent 'Plack::Middleware';
15 use Plack::Util::Accessor qw(
24 $self->state( 'Cookie' ) unless $self->state;
25 $self->state( $self->inflate_backend('Plack::Session::State', $self->state) );
26 $self->store( $self->inflate_backend('Plack::Session::Store', $self->store) );
28 Plack::Util::load_class($self->session_class) if $self->session_class;
32 my($self, $prefix, $backend) = @_;
34 return $backend if defined $backend && Scalar::Util::blessed $backend;
37 push @class, $backend if defined $backend; # undef means the root class
40 Plack::Util::load_class(@class)->new();
47 my $request = Plack::Request->new($env);
50 if ($id = $self->state->extract($request) and
51 $session = $self->store->fetch($id)) {
52 $env->{'psgix.session'} = $session;
54 $id = $self->state->generate($request);
55 $env->{'psgix.session'} = {};
58 $env->{'psgix.session.options'} = { id => $id };
60 if ($self->session_class) {
61 $env->{'plack.session'} = $self->session_class->new(
63 _data => $env->{'psgix.session'},
64 options => $env->{'psgix.session.options'},
68 my $res = $self->app->($env);
69 $self->response_cb($res, sub {
70 my $res = Plack::Response->new(@{$_[0]});
71 $self->finalize($env->{'psgix.session'}, $env->{'psgix.session.options'}, $res);
72 $res = $res->finalize;
73 $_[0]->[0] = $res->[0];
74 $_[0]->[1] = $res->[1];
79 my($self, $session, $options) = @_;
80 if ($options->{expire}) {
81 $self->store->cleanup($options->{id});
83 $self->store->store($options->{id}, $session);
88 my($self, $session, $options, $response) = @_;
90 $self->commit($session, $options);
91 if ($options->{expire}) {
92 $self->state->expire_session_id($options->{id}, $response);
94 $self->state->finalize($options->{id}, $response, $options);
106 Plack::Middleware::Session - Middleware for session management
114 my $session = $env->{'psgix.session'};
117 [ 'Content-Type' => 'text/plain' ],
118 [ "Hello, you've been here for ", $session->{counter}++, "th time!" ],
127 # Or, use the File store backend (great if you use multiprocess server)
128 # For more options, see perldoc Plack::Session::Store::File
130 enable 'Session', store => 'File';
136 This is a Plack Middleware component for session management. By
137 default it will use cookies to keep session state and store data in
138 memory. This distribution also comes with other state and store
139 solutions. See perldoc for these backends how to use them.
141 It should be noted that we store the current session as a hash
142 reference in the C<psgix.session> key inside the C<$env> where you can
145 B<NOTE:> As of version 0.04 the session is stored in C<psgix.session>
146 instead of C<plack.session>.
148 Also, if you set I<session_class> option (see below), we create a
149 session object out of the hash reference in C<plack.session>.
155 =item L<Plack::Session::State>
157 This will maintain session state by passing the session through
158 the request params. It does not do this automatically though,
159 you are responsible for passing the session param.
161 =item L<Plack::Session::State::Cookie>
163 This will maintain session state using browser cookies.
171 =item L<Plack::Session::Store>
173 This is your basic in-memory session data store. It is volatile storage
174 and not recommended for multiprocessing environments. However it is
175 very useful for development and testing.
177 =item L<Plack::Session::Store::File>
179 This will persist session data in a file. By default it uses
180 L<Storable> but it can be configured to have a custom serializer and
183 =item L<Plack::Session::Store::Cache>
185 This will persist session data using the L<Cache> interface.
187 =item L<Plack::Session::Store::Null>
189 Sometimes you don't care about storing session data, in that case
190 you can use this noop module.
196 The following are options that can be passed to this mdoule.
202 This is expected to be an instance of L<Plack::Session::State> or an
203 object that implements the same interface. If no option is provided
204 the default L<Plack::Session::State::Cookie> will be used.
208 This is expected to be an instance of L<Plack::Session::Store> or an
209 object that implements the same interface. If no option is provided
210 the default L<Plack::Session::Store> will be used.
212 It should be noted that this default is an in-memory volatile store
213 is only suitable for development (or single process servers). For a
214 more robust solution see L<Plack::Session::Store::File> or
215 L<Plack::Session::Store::Cache>.
217 =item I<session_class>
219 This can be used to create an actual session object in
220 C<plack.session> environment. Defaults to none, which means the
221 session object is not created but you can set C<Plack::Session> to
222 create an object for you.
228 All complex software has bugs lurking in it, and this module is no
229 exception. If you find a bug please either email me, or add the bug
236 Stevan Little E<lt>stevan.little@iinteractive.comE<gt>
238 =head1 COPYRIGHT AND LICENSE
240 Copyright 2009, 2010 Infinity Interactive, Inc.
242 L<http://www.iinteractive.com>
244 This library is free software; you can redistribute it and/or modify
245 it under the same terms as Perl itself.