GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  CATALYST::PLUGIN::SESSION::PERUSER (3)

.ds Aq ’

NAME

Catalyst::Plugin::Session::PerUser - Per user sessions (instead of per browser sessions).

CONTENTS

SYNOPSIS



        use Catalyst qw/
                Session
                Authentication
                Authentication::Store::Foo
                Session::PerUser
        /;

        sub action : Local {
                my ( $self, $c ) = @_;
                $c->user_session->{foo} = "bar";
        }



DESCRIPTION

This plugin allows you to write e.g. shopping cart code which should behave well for guests as well as permanent users.

The basic idea is both logged in and not logged in users can get the same benefits from sessions where it doesn’t matter, but that logged in users can keep their sessions accross logins, and will even get the data they added/changed assimilated to their permanent account if they made the changes as guests and then logged in.

This is probably most useful for e-commerce sites, where the shopping cart is typically used before login, and should be equally accessible to both guests and logged in users.

STORING SESSION DATA

This module can store session data in two ways:

    Within the User

If $c->user->supports("session_data") then $c->user->get_session_data and $c->user->store_session_data($data) are used to access and store the per-user session hash reference.

This is useful for Catalyst::Plugin::Authentication::Store implementations that rely on a database or another fast, extensible format.

    Within the Session Store

If the user does not support the session_data feature, the Catalyst::Plugin::Session::Store plugin in use will be used to save the session data instead.

The session ID used to save this data is set by user_session_sid.

Note that this method could potentially have security issues if you override the default user_session_sid or validate_session_id in Catalyst::Plugin::Session. See CAVEATS for details.

METHODS

user_session If no user is logged in, returns $c->session.

If a user is logged in, and $user->supports("session_data") it will return $c->user->get_session_data. Otherwise it will return data from the normal session store, using user_session_sid as a session ID.

INTERNAL METHODS

merge_session_to_user Uses Hash::Merge to merge the browser session into the user session, omitting the special keys from the browser session.

Should be overloaded to e.g. merge shopping cart items more intelligently.

user_session_sid By default returns



        "user:" . $c->user->id



EXTENDED METHODS

set_authenticated Calls merge_session_to_user.
setup
finalize
logout

CONFIGURATION



        $c->config->{user_session} = {
        ...
    };



migrate Whether $c->session should be merged over $c->user_session on login. On by default.
merge_type Passed to set_behavior in Hash::Merge. Defaults to RIGHT_PRECEDENT.

CAVEATS

If you override validate_session_id in Catalyst::Plugin::Session make sure its format <B>DOES NOT ALLOWB> the format returned by user_session_sid, or malicious users could potentially set their cookies to have sessions formatted like a string returned by user_session_sid, and steal or destroy another user’s session without authenticating. =back

SEE ALSO

Catalyst::Plugin::Authentication, Catalyst::Plugin::Session

AUTHORS

David Kamholz, dkamholz@cpan.org

Yuval Kogman, nothingmuch@woobling.org

Tomas Doran, bobtfish@bobtfish.net

COPYRIGHT & LICENSE



        Copyright (c) 2005 the aforementioned authors. Some rights
        reserved. This program is free software; you can redistribute
        it and/or modify it under the same terms as Perl itself.



POD ERRORS

Hey! <B>The above document had some coding errors, which are explained below:B>
Around line 263: Expected text after =item, not a bullet
Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 CATALYST::PLUGIN::SESSION::PERUSER (3) 2010-01-22

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.