view release on metacpan or  search on metacpan

README  view on Meta::CPAN

    Plack::Session::Store::Cache

      This will persist session data using the Cache interface.

    Plack::Session::Store::Null

      Sometimes you don't care about storing session data, in that case you
      can use this noop module.

OPTIONS

    The following are options that can be passed to this module.

    state

      This is expected to be an instance of Plack::Session::State or an
      object that implements the same interface. If no option is provided
      the default Plack::Session::State::Cookie will be used.

    store

      This is expected to be an instance of Plack::Session::Store or an
      object that implements the same interface. If no option is provided
      the default Plack::Session::Store will be used.

      It should be noted that this default is an in-memory volatile store
      is only suitable for development (or single process servers). For a
      more robust solution see Plack::Session::Store::File or
      Plack::Session::Store::Cache.

PLACK REQUEST OPTIONS

    In addition to providing a psgix.session key in $env for persistent
    session information, this module also provides a psgix.session.options
    key which can be used to control the behavior of the module
    per-request. The following sub-keys exist:

    change_id

      If set to a true value, forces the session identifier to change
      (rotate). This should always be done after logging in, to prevent
      session fixation attacks from subdomains; see
      http://en.wikipedia.org/wiki/Session_fixation#Attacks_using_cross-subdomain_cooking

    expire

      If set to a true value, expunges the session from the store, and
      clears the state in the client.

    no_store

      If set to a true value, no changes made to the session in this
      request will be saved to the store. Either "expire" and "change_id"
      take precedence over this, as both need to update the session store.

    late_store

      If set to a true value, the session will be saved at the end of the
      request, after all data has been sent to the client -- this may be
      required if streaming responses attempt to alter the session after
      the header has already been sent to the client. Note, however, that
      it introduces a possible race condition, where the server attempts to
      store the updated session before the client makes the next request.
      For redirects, or other responses on which the client needs do
      minimal processing before making a second request, this race is quite
      possible to win -- causing the second request to obtain stale session
      data.

    id

      This key contains the session identifier of the session. It should be
      considered read-only; to generate a new identifier, use "change_id".

BUGS

    All complex software has bugs lurking in it, and this module is no
    exception. If you find a bug please either email me, or add the bug to
    cpan-RT.

AUTHOR

    Tatsuhiko Miyagawa

    Stevan Little <stevan.little@iinteractive.com>

COPYRIGHT AND LICENSE

    Copyright 2009, 2010 Infinity Interactive, Inc.

    http://www.iinteractive.com

    This library is free software; you can redistribute it and/or modify it
    under the same terms as Perl itself.