.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "Plack::Middleware::Session 3pm" .TH Plack::Middleware::Session 3pm "2019-03-01" "perl v5.28.1" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" Plack::Middleware::Session \- Middleware for session management .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& use Plack::Builder; \& \& my $app = sub { \& my $env = shift; \& my $session = $env\->{\*(Aqpsgix.session\*(Aq}; \& return [ \& 200, \& [ \*(AqContent\-Type\*(Aq => \*(Aqtext/plain\*(Aq ], \& [ "Hello, you\*(Aqve been here for ", $session\->{counter}++, "th time!" ], \& ]; \& }; \& \& builder { \& enable \*(AqSession\*(Aq; \& $app; \& }; \& \& # Or, use the File store backend (great if you use multiprocess server) \& # For more options, see perldoc Plack::Session::Store::File \& builder { \& enable \*(AqSession\*(Aq, store => \*(AqFile\*(Aq; \& $app; \& }; .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" This is a Plack Middleware component for session management. By default it will use cookies to keep session state and store data in memory. This distribution also comes with other state and store solutions. See perldoc for these backends how to use them. .PP It should be noted that we store the current session as a hash reference in the \f(CW\*(C`psgix.session\*(C'\fR key inside the \f(CW$env\fR where you can access it as needed. .PP \&\fB\s-1NOTE:\s0\fR As of version 0.04 the session is stored in \f(CW\*(C`psgix.session\*(C'\fR instead of \f(CW\*(C`plack.session\*(C'\fR. .SS "State" .IX Subsection "State" .IP "Plack::Session::State" 4 .IX Item "Plack::Session::State" This will maintain session state by passing the session through the request params. It does not do this automatically though, you are responsible for passing the session param. .IP "Plack::Session::State::Cookie" 4 .IX Item "Plack::Session::State::Cookie" This will maintain session state using browser cookies. .SS "Store" .IX Subsection "Store" .IP "Plack::Session::Store" 4 .IX Item "Plack::Session::Store" This is your basic in-memory session data store. It is volatile storage and not recommended for multiprocessing environments. However it is very useful for development and testing. .IP "Plack::Session::Store::File" 4 .IX Item "Plack::Session::Store::File" This will persist session data in a file. By default it uses Storable but it can be configured to have a custom serializer and deserializer. .IP "Plack::Session::Store::Cache" 4 .IX Item "Plack::Session::Store::Cache" This will persist session data using the Cache interface. .IP "Plack::Session::Store::Null" 4 .IX Item "Plack::Session::Store::Null" Sometimes you don't care about storing session data, in that case you can use this noop module. .SH "OPTIONS" .IX Header "OPTIONS" The following are options that can be passed to this module. .IP "\fIstate\fR" 4 .IX Item "state" This is expected to be an instance of Plack::Session::State or an object that implements the same interface. If no option is provided the default Plack::Session::State::Cookie will be used. .IP "\fIstore\fR" 4 .IX Item "store" This is expected to be an instance of Plack::Session::Store or an object that implements the same interface. If no option is provided the default Plack::Session::Store will be used. .Sp It should be noted that this default is an in-memory volatile store is only suitable for development (or single process servers). For a more robust solution see Plack::Session::Store::File or Plack::Session::Store::Cache. .SH "PLACK REQUEST OPTIONS" .IX Header "PLACK REQUEST OPTIONS" In addition to providing a \f(CW\*(C`psgix.session\*(C'\fR key in \f(CW$env\fR for persistent session information, this module also provides a \&\f(CW\*(C`psgix.session.options\*(C'\fR key which can be used to control the behavior of the module per-request. The following sub-keys exist: .IP "\fIchange_id\fR" 4 .IX Item "change_id" If set to a true value, forces the session identifier to change (rotate). This should always be done after logging in, to prevent session fixation attacks from subdomains; see .IP "\fIexpire\fR" 4 .IX Item "expire" If set to a true value, expunges the session from the store, and clears the state in the client. .IP "\fIno_store\fR" 4 .IX Item "no_store" If set to a true value, no changes made to the session in this request will be saved to the store. Either \*(L"expire\*(R" and \*(L"change_id\*(R" take precedence over this, as both need to update the session store. .IP "\fIlate_store\fR" 4 .IX Item "late_store" If set to a true value, the session will be saved at the \fIend\fR of the request, after all data has been sent to the client \*(-- this may be required if streaming responses attempt to alter the session after the header has already been sent to the client. Note, however, that it introduces a possible race condition, where the server attempts to store the updated session before the client makes the next request. For redirects, or other responses on which the client needs do minimal processing before making a second request, this race is quite possible to win \*(-- causing the second request to obtain stale session data. .IP "\fIid\fR" 4 .IX Item "id" This key contains the session identifier of the session. It should be considered read-only; to generate a new identifier, use \*(L"change_id\*(R". .SH "BUGS" .IX Header "BUGS" All complex software has bugs lurking in it, and this module is no exception. If you find a bug please either email me, or add the bug to cpan-RT. .SH "AUTHOR" .IX Header "AUTHOR" Tatsuhiko Miyagawa .PP Stevan Little .SH "COPYRIGHT AND LICENSE" .IX Header "COPYRIGHT AND LICENSE" Copyright 2009, 2010 Infinity Interactive, Inc. .PP .PP This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.