1 package Plack::Middleware::Session::Cookie;
3 use parent qw(Plack::Middleware::Session);
5 use Plack::Util::Accessor qw(secret session_key domain expires path secure);
13 use Plack::Session::State::Cookie;
18 $self->session_key("plack_session") unless $self->session_key;
20 $self->state( Plack::Session::State::Cookie->new );
21 for my $attr (qw(session_key path domain expires secure)) {
22 $self->state->$attr($self->$attr);
27 my($self, $request) = @_;
29 my $cookie = $self->state->get_session_id($request) or return;
31 my($time, $b64, $sig) = split /:/, $cookie, 3;
32 $self->sig($b64) eq $sig or return;
34 # NOTE: do something with $time?
36 my $session = Storable::thaw(MIME::Base64::decode($b64));
37 return ($self->generate_id, $session);
42 return scalar Time::HiRes::gettimeofday;
48 my($self, $id, $res, $env) = @_;
50 my $cookie = $self->_serialize($id, $env->{'psgix.session'});
51 $self->state->finalize($cookie, $res, $env->{'psgix.session.options'});
55 my($self, $id, $session) = @_;
57 my $b64 = MIME::Base64::encode( Storable::freeze($session), '' );
58 join ":", $id, $b64, $self->sig($b64);
63 return '.' unless $self->secret;
64 Digest::HMAC_SHA1::hmac_sha1_hex($b64, $self->secret);
73 Plack::Middleware::Session::Cookie - Session middleware that saves session data in the cookie
77 enable "Session::Cookie";
81 This middleware component allows you to use the cookie as a sole
82 cookie state and store, without any server side storage to do the
83 session management. This middleware utilizes its own state and store
84 automatically for you, so you can't override the objects.
88 This middleware is a subclass of L<Plack::Middleware::Session> and
89 accepts most configuration of the parent class. In addition, following
96 Server side secret to sign the session data using HMAC SHA1. Defaults
97 to nothing (i.e. do not sign) but B<strongly recommended> to set your
100 =item session_key, domain, expires, path, secure
102 Accessors for the cookie attribuets. See
103 L<Plack::Session::State::Cookie> for these options.
113 Rack::Session::Cookie L<Dancer::Session::Cookie>