App-Context
view release on metacpan or search on metacpan
lib/App/Session/Cookie.pm view on Meta::CPAN
use App::Session;
@ISA = ( "App::Session" );
use strict;
use Data::Dumper;
use Storable qw(freeze thaw);
use Compress::Zlib;
use MIME::Base64 ();
# note: We may want to apply an HMAC (hashed message authentication code)
# so that users cannot fiddle with the values.
# We may also want to add IP address and timeout for security.
# We may also want to add encryption so they can't even decode the data.
# use Digest::HMAC_MD5;
# use Crypt::CBC;
=head1 NAME
App::Session::Cookie - a session whose state is maintained across
HTML requests by being embedded in an HTTP cookie.
=head1 SYNOPSIS
# ... official way to get a Session object ...
use App;
$session = App->session();
$session = $session->session(); # get the session
# any of the following named parameters may be specified
$session = $session->session(
);
# ... alternative way (used internally) ...
use App::Session::Cookie;
$session = App::Session->new();
=cut
#############################################################################
# CONSTANTS
#############################################################################
=head1 DESCRIPTION
A Session class models the sequence of events associated with a
use of the system. These events may occur in different processes.
Yet the accumulated state of the session needs to be propagated from
one process to the next.
This Session::Cookie maintains its state across
HTML requests by being embedded in an HTTP cookie.
As a result, it requires no server-side storage, so the sessions
never need to time out.
The Session::Cookie has an advantage over Session::HTMLHidden in that
data does not need to be posted to a URL for the session data to be
transmitted to it. This allows that the state can be propagated
properly to sub-components of an HTML page such as
* frame documents within a frameset (<frame src=...>)
* dynamically generated images (<img src=...>, <input type=image src=...>)
Limits on cookie storage are as follows, according to "Dynamic HTML,
The Definitive Reference" by O'Reilly in the DOM Reference under
"document.cookie".
* max 2000 chars per cookie (recommended, although 4000 supposedly allowed)
* max 20 cookies per domain
This allows for roughly 40K of session storage.
It is quite conceivable that this amount of storage could be overrun,
so Session::Cookie is only appropriate in situations where you are confident
it will not be. Also, session_objects should take care to clean up after themselves,
and static values stored in the session can alternatively be provided in
the config.
=cut
#############################################################################
# CONSTRUCTOR METHODS
#############################################################################
=head1 Constructor Methods:
=cut
#############################################################################
# new()
#############################################################################
=head2 new()
The constructor is inherited from
L<C<App::Service>|App::Service/"new()">.
=cut
#############################################################################
# PUBLIC METHODS
#############################################################################
=head1 Public Methods:
=cut
#############################################################################
# get_session_id()
#############################################################################
=head2 get_session_id()
* Signature: $session_id = $session->get_session_id();
* Param: void
* Return: $session_id string
* Throws: <none>
* Since: 0.01
Sample Usage:
$session->get_session_id();
( run in 0.556 second using v1.01-cache-2.11-cpan-e1769b4cff6 )