Apache-AxKit-Plugin-Session
3 results

 view release on metacpan or  search on metacpan

lib/Apache/AxKit/Plugin/Session.pm  view on Meta::CPAN 

    $r->print($message);

    $r->rflush;

    return $status;
}
# ____ End of fixup_redirect ____


# This one can be used as PerlHandler if a non-mod_perl script is doing the login form
# In that case, be sure to validate the login in authen_cred above!
#===============
sub login ($$) {
#---------------
    my ($self, $r, $destination ) = @_;
    $self->debug(3,"======= login(".join(',',@_).")");
    my $auth_name = $r->auth_name || 'AxKitSession';
    my $auth_type = $r->auth_type || __PACKAGE__;

    parse_input(1);
    my $args = $r->pnotes('INPUT');

lib/Apache/AxKit/Plugin/Session.pm  view on Meta::CPAN 

	return OK;
    }
    $self->debug(2,"login() redirecting to $destination");
    return $self->external_redirect($destination);
}
# ____ End of login ____



# Again, this can be used as PerlHandler or called directly
# subclass this one if you want to invalidate a session db
# entry or something like that
#================
sub orig_logout ($$) {
#----------------
    my ($self,$r, $location) = @_;
    $self->debug(3,"======= logout(".join(',',@_).")");
    my $auth_name = $r->auth_name || 'AxKitSession';
    my $auth_type = $r->auth_type || __PACKAGE__;

    # Send the Set-Cookie header to expire the auth cookie.

lib/AxKit/XSP/Auth.pm  view on Meta::CPAN 

are revoked.

=head3 C<<auth:has-access>>

Takes attributes/children 'type' and 'value'. Returns true if the user currently
has access privilege type 'type' equal to / containing 'value'.

=head3 C<<login>>

This tag logs in a user name. It works just like set-access, but additionally the
user name is checked and any existing session of that user is invalidated, so that
users can be logged in only once. Moreover, an external redirect is triggered.
You can provide a 'destination' attribute or child tag to set the destination location,
otherwise, the HTTP request parameter 'destination' is used. If you set 'destination'
to "none", no redirect is performed.

You can add the parameter C<<exclusive="no">> to allow a user to be logged in multiple
times. Note that you need globals enabled to have the exclusive-login mechanism to work.


=head3 C<<logout>>

This tag invalidates the current session, thus logging the user out. If you supply a
'destination' tag or attribute, or if the server config specifies one, a redirect
is triggered.

=head2 Object permission tags

These tags work on permissions of objects. Targets are generally specified as an attribute or
child element called 'target'. An empty target denotes the current page. Permissions are
nested C<<permission>> tags with a 'type' attribute (or child) and either other permission
tags or a text value inside.

lib/AxKit/XSP/Session.pm  view on Meta::CPAN 

        } else {
                return '$$session{"auth_last_access"}*300;';
        }
}

sub get_max_inactive_interval : XSP_exprOrNode(max-inactive-interval)
{
        return '$$session{"auth_expire"}*300;';
}

sub invalidate
{
        return '%$session = ("_session_id" => $$session{"_session_id"}); tied(%$session)->delete;';
}

# FIXME: this sub works unreliable - it only checks if session got created
# during the last 5 seconds
sub is_new : XSP_exprOrNode(new)
{
        return '$$session{"auth_first_access"} > time()+5;';
}

lib/AxKit/XSP/Session.pm  view on Meta::CPAN 


Similar to get-creation-time, except it returns the time since this session
was last accessed.  It differs from Cocoon2 in that it only has a resolution of 5 minutes.
For performance reasons, not every access updates the access time.

=head2 C<<session:remove-attribute>>

Removes an attribute from the session object.  It accepts either an attribute or
child node called 'name' which indicates which session attribute to remove.

=head2 C<<session:invalidate>>

Invalidates (permanently removes) the current session from the data storage.

=head2 C<<session:is-new>>

Indicates whether this session was just created, it returns 1 or 0. The current
implementation doesn't work reliable, it just checks if the session's creation time
lies within the last 5 seconds.

=head2 C<<session:get-max-inactive-interval>>, C<<session:set-max-inactive-interval>>

Gets the minimum time, in seconds, that the server will maintain this session between

lib/AxKit/XSP/Session.pm  view on Meta::CPAN 


=head2 C<<xsp:page>>

The Cocoon2 taglib allows you to automatically create sessions on demand by putting
'create-session="true"' in the <xsp:page> tag. Unfortunately, AxKit XSP doesn't
support this attribute. You can make this behaviour default, though;
use the configuration facilities of Apache::AxKit::Plugin::Session to do that.

=head1 EXAMPLE

  <session:invalidate/>
  SessionID: <xsp:expr><session:get-id/></xsp:expr>
  Creation Time: <xsp:expr><session:get-creation-time/></xsp:expr>
    (Unix Epoch) <xsp:expr><session:get-creation-time as="string"/></xsp:expr>
  <session:set-attribute name="baz">
    boo
  </session:set-attribute>
  <session:set-attribute>
    <session:name>foo</session:name>
    Planet Bob
  </session:set-attribute>



( run in 0.497 second using v1.01-cache-2.11-cpan-a5abf4f5562 )