Plack-Middleware-Session
4 results

 view release on metacpan or  search on metacpan

lib/Plack/Middleware/Session.pm  view on Meta::CPAN 

you can use this noop module.

=back

=head1 OPTIONS

The following are options that can be passed to this module.

=over 4

=item I<state>

This is expected to be an instance of L<Plack::Session::State> or an
object that implements the same interface. If no option is provided
the default L<Plack::Session::State::Cookie> will be used.

=item I<store>

This is expected to be an instance of L<Plack::Session::Store> or an
object that implements the same interface. If no option is provided
the default L<Plack::Session::Store> will be used.

It should be noted that this default is an in-memory volatile store
is only suitable for development (or single process servers). For a
more robust solution see L<Plack::Session::Store::File> or
L<Plack::Session::Store::Cache>.

=back

=head1 PLACK REQUEST OPTIONS

In addition to providing a C<psgix.session> key in C<$env> for
persistent session information, this module also provides a
C<psgix.session.options> key which can be used to control the behavior
of the module per-request.  The following sub-keys exist:

=over

=item I<change_id>

If set to a true value, forces the session identifier to change (rotate).  This
should always be done after logging in, to prevent session fixation
attacks from subdomains; see
L<http://en.wikipedia.org/wiki/Session_fixation#Attacks_using_cross-subdomain_cooking>

=item I<expire>

If set to a true value, expunges the session from the store, and clears
the state in the client.

=item I<no_store>

If set to a true value, no changes made to the session in this request
will be saved to the store.  Either L</expire> and L</change_id> take
precedence over this, as both need to update the session store.

=item I<late_store>

If set to a true value, the session will be saved at the I<end> of the
request, after all data has been sent to the client -- this may be
required if streaming responses attempt to alter the session after the
header has already been sent to the client.  Note, however, that it
introduces a possible race condition, where the server attempts to store
the updated session before the client makes the next request.  For
redirects, or other responses on which the client needs do minimal
processing before making a second request, this race is quite possible
to win -- causing the second request to obtain stale session data.

=item I<id>

This key contains the session identifier of the session.  It should be
considered read-only; to generate a new identifier, use L</change_id>.

=back

=head1 BUGS

All complex software has bugs lurking in it, and this module is no
exception. If you find a bug please either email me, or add the bug
to cpan-RT.

=head1 AUTHOR

Tatsuhiko Miyagawa

Stevan Little E<lt>stevan.little@iinteractive.comE<gt>

=head1 COPYRIGHT AND LICENSE

Copyright 2009, 2010 Infinity Interactive, Inc.

L<http://www.iinteractive.com>

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.

=cut



( run in 0.700 second using v1.01-cache-2.11-cpan-39bf76dae61 )