MATSUNO★Tokuhiro > HTTP-Session2-0.04 > HTTP::Session2::Base

Download:
HTTP-Session2-0.04.tar.gz

Dependencies

Annotate this POD

Website

View/Report Bugs
Source   Latest Release: HTTP-Session2-0.05

NAME ^

HTTP::Session2 - Abstract base class for HTTP::Session2

DESCRIPTION ^

This is an abstract base class for HTTP::Session2.

Common Methods ^

my $session = HTTP::Session2::*->new(%args)

Create new instance.

hmac_function: CodeRef

This module uses HMAC to sign the session data. You can choice HMAC function for security enhancements and performance tuning.

Default: \&Digest::SHA::sha1_hex

session_cookie: HashRef

Options for session cookie. For more details, please look Cookie::Baker.

Default:

        +{
            httponly => 1,
            secure   => 0,
            name     => 'hss_session',
            path     => '/',
        },
xsrf_cookie: HashRef

HTTP::Session2 generates 2 cookies. One is for session, other is for XSRF token. This parameter configures parameters for XSRF token cookie. For more details, please look Cookie::Baker.

Default:

        +{
            httponly => 0,
            secure   => 0,
            name     => 'XSRF-TOKEN',
            path     => '/',
        },

Note: httponly flag should be false. Because this parameter should be readable from JavaScript. And it does not decrease security.

$session->get($key: Str)

Get a value from session.

$session->set($key: Str, $value:Any)

Set a value to session. This means you can set any Serializable data to the storage.

$session->remove($key: Str)

Remove the value from session.

$session->validate_xsrf_token($token: Str)
    my $token = $req->header('X-XSRF-TOKEN') || $req->param('XSRF-TOKEN');
    unless ($session->validate_xsrf_token($token)) {
        return Plack::Response->new(
            403,
            [],
            'Missing XSRF token'
        );
    }

Validate XSRF token. If the XSRF token is valid, return true. False otherwise.

$session->xsrf_token()

Get a XSRF token in string.

$session->finalize_plack_response($res: Plack::Response)

Finalize cookie headers and inject it to Plack::Response instance.

syntax highlighting: