HTTP::Session2 - Abstract base class for HTTP::Session2
This is an abstract base class for HTTP::Session2.
my $session = HTTP::Session2::*->new(%args)
Create new instance.
This module uses HMAC to sign the session data. You can choice HMAC function for security enhancements and performance tuning.
Default: \&Digest::SHA::sha1_hex
\&Digest::SHA::sha1_hex
Options for session cookie. For more details, please look Cookie::Baker.
Default:
+{ httponly => 1, secure => 0, name => 'hss_session', path => '/', },
HTTP::Session2 generates 2 cookies. One is for session, other is for XSRF token. This parameter configures parameters for XSRF token cookie. For more details, please look Cookie::Baker.
+{ httponly => 0, secure => 0, name => 'XSRF-TOKEN', path => '/', },
Note: httponly flag should be false. Because this parameter should be readable from JavaScript. And it does not decrease security.
httponly
$session->get($key: Str)
Get a value from session.
$session->set($key: Str, $value:Any)
Set a value to session. This means you can set any Serializable data to the storage.
$session->remove($key: Str)
Remove the value from session.
$session->validate_xsrf_token($token: Str)
my $token = $req->header('X-XSRF-TOKEN') || $req->param('XSRF-TOKEN'); unless ($session->validate_xsrf_token($token)) { return Plack::Response->new( 403, [], 'Missing XSRF token' ); }
Validate XSRF token. If the XSRF token is valid, return true. False otherwise.
$session->xsrf_token()
Get a XSRF token in string.
$session->finalize_plack_response($res: Plack::Response)
Finalize cookie headers and inject it to Plack::Response instance.
To install HTTP::Session2, copy and paste the appropriate command in to your terminal.
cpanm
cpanm HTTP::Session2
CPAN shell
perl -MCPAN -e shell install HTTP::Session2
For more information on module installation, please visit the detailed CPAN module installation guide.