# NAME

Plack::Middleware::Session::Simple - Make Session Simple

# SYNOPSIS

   use Plack::Builder;
   use Cache::Memcached::Fast;

   my $app = sub {
       my $env = shift;
       my $counter = $env->{'psgix.session'}->{counter}++;
       [200,[], ["counter => $counter"]];
   };

   builder {
       enable 'Session::Simple',
           store => Cache::Memcached::Fast->new({servers=>[..]}),
           cookie_name => 'myapp_session';
       $app
   };

# DESCRIPTION

Plack::Middleware::Session::Simple is a yet another session management module.
This middleware has compatibility with Plack::Middleware::Session by
supporting psgix.session and psgi.session.options.
You can reduce unnecessary accessing to store and Set-Cookie header.

This module uses Cookie to keep session state. does not support URI based session state.

# OPTIONS

- store

   object instance that has get, set, and remove methods.

- cookie\_name

   This is the name of the session key, it defaults to 'simple\_session'.

- keep\_empty

   If disabled, Plack::Middleware::Session::Simple does not output Set-Cookie header and store session until session are used. You can reduce Set-Cookie header and access to session store that is not required. (default: true/enabled)

       builder {
           enable 'Session::Simple',
               cache => Cache::Memcached::Fast->new({servers=>[..]}),
               session_key => 'myapp_session',
               keep_empty => 0;
           mount '/' => sub {
               my $env = shift;
               [200,[], ["ok"]];
           },
           mount '/login' => sub {
               my $env = shift;
               $env->{'psgix.session'}->{user} = 'session user'
               [200,[], ["login"]];
           },
       };

       my $res = $app->(req_to_psgi(GET "/")); #res does not have Set-Cookie
       my $res = $app->(req_to_psgi(GET "/login")); #res has Set-Cookie

   If you have a plan to use session\_id as csrf token, you must not disable keep\_empty.

- path

   Path of the cookie, this defaults to "/";

- domain

   Domain of the cookie, if nothing is supplied then it will not be included in the cookie.

- expires

   Cookie's expires date time. several formats are supported. see [Cookie::Baker](https://metacpan.org/pod/Cookie::Baker) for details.
   if nothing is supplied then it will not be included in the cookie, which means the session expires per browser session.

- secure

   Secure flag for the cookie, if nothing is supplied then it will not be included in the cookie.

- httponly

   HttpOnly flag for the cookie, if nothing is supplied then it will not be included in the cookie.

- sid\_generator

   CodeRef that used to generate unique session ids, by default it uses SHA1

- sid\_validator

   Regexp that used to validate session id in Cookie

- serializer

   serialize,deserialize method. Optional. This is useful with Cache::FastMmap

       my $cfm = Cache::FastMmap->new(raw_values => 1);
       my $decoder = Sereal::Decoder->new();
       my $encoder = Sereal::Encoder->new();
       builder {
         enable 'Session::Simple',
             store => $fm,
             serializer => [ sub { $encoder->encode($_[0]) }, sub { $decoder->decode($_[0]) } ],
         $app;
       };

# LICENSE

Copyright (C) Masahiro Nagano.

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.

# AUTHOR

Masahiro Nagano <[email protected]>

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.