1 package Plack::Middleware::Session;
6 our $AUTHORITY = 'cpan:STEVAN';
11 use parent 'Plack::Middleware';
13 use Plack::Util::Accessor qw(
21 $self->state( 'Cookie' ) unless $self->state;
22 $self->state( $self->inflate_backend('Plack::Session::State', $self->state) );
23 $self->store( $self->inflate_backend('Plack::Session::Store', $self->store) );
27 my($self, $prefix, $backend) = @_;
29 return $backend if defined $backend && Scalar::Util::blessed $backend;
32 push @class, $backend if defined $backend; # undef means the root class
35 Plack::Util::load_class(@class)->new();
42 my($id, $session) = $self->get_session($env);
43 if ($id && $session) {
44 $env->{'psgix.session'} = $session;
46 $id = $self->generate_id($env);
47 $env->{'psgix.session'} = {};
50 $env->{'psgix.session.options'} = { id => $id };
52 my $res = $self->app->($env);
53 $self->response_cb($res, sub { $self->finalize($env, $_[0]) });
59 my $id = $self->state->extract($env) or return;
60 my $session = $self->store->fetch($id) or return;
62 return ($id, $session);
67 $self->state->generate($env);
73 my $session = $env->{'psgix.session'};
74 my $options = $env->{'psgix.session.options'};
76 if ($options->{expire}) {
77 $self->store->remove($options->{id});
79 $self->store->store($options->{id}, $session);
84 my($self, $env, $res) = @_;
86 my $session = $env->{'psgix.session'};
87 my $options = $env->{'psgix.session.options'};
89 $self->commit($env) unless $options->{no_store};
90 if ($options->{expire}) {
91 $self->expire_session($options->{id}, $res, $env);
93 $self->save_state($options->{id}, $res, $env);
98 my($self, $id, $res, $env) = @_;
99 $self->state->expire_session_id($id, $res, $env->{'psgix.session.options'});
103 my($self, $id, $res, $env) = @_;
104 $self->state->finalize($id, $res, $env->{'psgix.session.options'});
115 Plack::Middleware::Session - Middleware for session management
123 my $session = $env->{'psgix.session'};
126 [ 'Content-Type' => 'text/plain' ],
127 [ "Hello, you've been here for ", $session->{counter}++, "th time!" ],
136 # Or, use the File store backend (great if you use multiprocess server)
137 # For more options, see perldoc Plack::Session::Store::File
139 enable 'Session', store => 'File';
145 This is a Plack Middleware component for session management. By
146 default it will use cookies to keep session state and store data in
147 memory. This distribution also comes with other state and store
148 solutions. See perldoc for these backends how to use them.
150 It should be noted that we store the current session as a hash
151 reference in the C<psgix.session> key inside the C<$env> where you can
154 B<NOTE:> As of version 0.04 the session is stored in C<psgix.session>
155 instead of C<plack.session>.
161 =item L<Plack::Session::State>
163 This will maintain session state by passing the session through
164 the request params. It does not do this automatically though,
165 you are responsible for passing the session param.
167 =item L<Plack::Session::State::Cookie>
169 This will maintain session state using browser cookies.
177 =item L<Plack::Session::Store>
179 This is your basic in-memory session data store. It is volatile storage
180 and not recommended for multiprocessing environments. However it is
181 very useful for development and testing.
183 =item L<Plack::Session::Store::File>
185 This will persist session data in a file. By default it uses
186 L<Storable> but it can be configured to have a custom serializer and
189 =item L<Plack::Session::Store::Cache>
191 This will persist session data using the L<Cache> interface.
193 =item L<Plack::Session::Store::Null>
195 Sometimes you don't care about storing session data, in that case
196 you can use this noop module.
202 The following are options that can be passed to this module.
208 This is expected to be an instance of L<Plack::Session::State> or an
209 object that implements the same interface. If no option is provided
210 the default L<Plack::Session::State::Cookie> will be used.
214 This is expected to be an instance of L<Plack::Session::Store> or an
215 object that implements the same interface. If no option is provided
216 the default L<Plack::Session::Store> will be used.
218 It should be noted that this default is an in-memory volatile store
219 is only suitable for development (or single process servers). For a
220 more robust solution see L<Plack::Session::Store::File> or
221 L<Plack::Session::Store::Cache>.
227 All complex software has bugs lurking in it, and this module is no
228 exception. If you find a bug please either email me, or add the bug
235 Stevan Little E<lt>stevan.little@iinteractive.comE<gt>
237 =head1 COPYRIGHT AND LICENSE
239 Copyright 2009, 2010 Infinity Interactive, Inc.
241 L<http://www.iinteractive.com>
243 This library is free software; you can redistribute it and/or modify
244 it under the same terms as Perl itself.