.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" ======================================================================== .\" .IX Title "Mojolicious::Sessions 3pm" .TH Mojolicious::Sessions 3pm "2019-02-05" "perl v5.28.1" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" Mojolicious::Sessions \- Session manager based on signed cookies .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& use Mojolicious::Sessions; \& \& my $sessions = Mojolicious::Sessions\->new; \& $sessions\->cookie_name(\*(Aqmyapp\*(Aq); \& $sessions\->default_expiration(86400); .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" Mojolicious::Sessions manages sessions based on signed cookies for Mojolicious. All data gets serialized with Mojo::JSON and stored Base64 encoded on the client-side, but is protected from unwanted changes with a \&\s-1HMAC\-SHA1\s0 signature. .SH "ATTRIBUTES" .IX Header "ATTRIBUTES" Mojolicious::Sessions implements the following attributes. .SS "cookie_domain" .IX Subsection "cookie_domain" .Vb 2 \& my $domain = $sessions\->cookie_domain; \& $sessions = $sessions\->cookie_domain(\*(Aq.example.com\*(Aq); .Ve .PP Domain for session cookies, not defined by default. .SS "cookie_name" .IX Subsection "cookie_name" .Vb 2 \& my $name = $sessions\->cookie_name; \& $sessions = $sessions\->cookie_name(\*(Aqsession\*(Aq); .Ve .PP Name for session cookies, defaults to \f(CW\*(C`mojolicious\*(C'\fR. .SS "cookie_path" .IX Subsection "cookie_path" .Vb 2 \& my $path = $sessions\->cookie_path; \& $sessions = $sessions\->cookie_path(\*(Aq/foo\*(Aq); .Ve .PP Path for session cookies, defaults to \f(CW\*(C`/\*(C'\fR. .SS "default_expiration" .IX Subsection "default_expiration" .Vb 2 \& my $time = $sessions\->default_expiration; \& $sessions = $sessions\->default_expiration(3600); .Ve .PP Default time for sessions to expire in seconds from now, defaults to \f(CW3600\fR. The expiration timeout gets refreshed for every request. Setting the value to \&\f(CW0\fR will allow sessions to persist until the browser window is closed, this can have security implications though. For more control you can also use the \&\f(CW\*(C`expiration\*(C'\fR and \f(CW\*(C`expires\*(C'\fR session values. .PP .Vb 2 \& # Expiration date in seconds from now (persists between requests) \& $c\->session(expiration => 604800); \& \& # Expiration date as absolute epoch time (only valid for one request) \& $c\->session(expires => time + 604800); \& \& # Delete whole session by setting an expiration date in the past \& $c\->session(expires => 1); .Ve .SS "deserialize" .IX Subsection "deserialize" .Vb 2 \& my $cb = $sessions\->deserialize; \& $sessions = $sessions\->deserialize(sub {...}); .Ve .PP A callback used to deserialize sessions, defaults to \*(L"j\*(R" in Mojo::JSON. .PP .Vb 4 \& $sessions\->deserialize(sub { \& my $bytes = shift; \& return {}; \& }); .Ve .SS "samesite" .IX Subsection "samesite" .Vb 2 \& my $samesite = $sessions\->samesite; \& $sessions = $sessions\->samesite(\*(AqStrict\*(Aq); .Ve .PP Set the SameSite value on all session cookies, defaults to \f(CW\*(C`Lax\*(C'\fR. Note that this attribute is \s-1EXPERIMENTAL\s0 because even though most commonly used browsers support the feature, there is no specification yet besides this draft . .PP .Vb 2 \& # Disable SameSite feature \& $sessions\->samesite(undef); .Ve .SS "secure" .IX Subsection "secure" .Vb 2 \& my $bool = $sessions\->secure; \& $sessions = $sessions\->secure($bool); .Ve .PP Set the secure flag on all session cookies, so that browsers send them only over \s-1HTTPS\s0 connections. .SS "serialize" .IX Subsection "serialize" .Vb 2 \& my $cb = $sessions\->serialize; \& $sessions = $sessions\->serialize(sub {...}); .Ve .PP A callback used to serialize sessions, defaults to \*(L"encode_json\*(R" in Mojo::JSON. .PP .Vb 4 \& $sessions\->serialize(sub { \& my $hash = shift; \& return \*(Aq\*(Aq; \& }); .Ve .SH "METHODS" .IX Header "METHODS" Mojolicious::Sessions inherits all methods from Mojo::Base and implements the following new ones. .SS "load" .IX Subsection "load" .Vb 1 \& $sessions\->load(Mojolicious::Controller\->new); .Ve .PP Load session data from signed cookie. .SS "store" .IX Subsection "store" .Vb 1 \& $sessions\->store(Mojolicious::Controller\->new); .Ve .PP Store session data in signed cookie. .SH "SEE ALSO" .IX Header "SEE ALSO" Mojolicious, Mojolicious::Guides, .