Catalyst::Plugin::Session::PerUser - Per user sessions (instead of per browser sessions).
use Catalyst qw/ Session Authentication Authentication::Store::Foo Session::PerUser /; sub action : Local { my ( $self, $c ) = @_; $c->user_session->{foo} = "bar"; }
This plugin allows you to write e.g. shopping cart code which should behave well for guests as well as permanent users.
The basic idea is both logged in and not logged in users can get the same benefits from sessions where it doesn't matter, but that logged in users can keep their sessions accross logins, and will even get the data they added/changed assimilated to their permanent account if they made the changes as guests and then logged in.
This is probably most useful for e-commerce sites, where the shopping cart is typically used before login, and should be equally accessible to both guests and logged in users.
This module can store session data in two ways:
If <$c-user->supports("session_data")>> then <$c-user->session_data>> is used as an accessor to store the per-user session hash reference.
<$c-
This is useful for Catalyst::Plugin::Authentication::Store implementations that rely on a database or another fast, extensible format.
If the user does not support the session_data feature, the Catalyst::Plugin::Session::Store plugin in use will be used to save the session data instead.
session_data
The session ID used to save this data is set by user_session_sid.
user_session_sid
Note that this method could potentially have security issues if you override the default user_session_sid or "validate_session_id" in Catalyst::Plugin::Session. See "CAVEATS" for details.
If no user is logged in, returns <$c-session>>.
If a user is logged in, and <$user-supports("session_data")>> it will return <$c-user->session_data>>. Otherwise it will return <$c-user_session_from_session_store>>.
<$user-
Uses Hash::Merge with the RETAINMENT_PRECEDENT and no cloning mode, omitting the special keys from session itself.
RETAINMENT_PRECEDENT
session
Should be overloaded to e.g. merge shopping cart items more smartly.
Uses the Catalyst::Plugin::Session::Store api to get a session data chunk whose session ID is user_session_sid.
Catalyst::Plugin::Session::Store
Stores the session data cached by user_session_from_session_store.
user_session_from_session_store
Returns
"user:" . $c->user->id
Calls merge_session_to_user
merge_session_to_user
$c->config->{user_session};
Whether $c->session should be merged over $c->user_session on login. On by default.
$c->session
$c->user_session
If you override "validate_session_id" in Catalyst::Plugin::Session make sure it's format DOES NOT ALLOW the format returned by user_session_sid, or malicious users could potentially set their cookies to have sessions formatted like a string returned by user_session_sid, and steal or destroy another user's session without authenticating. =back
Catalyst::Plugin::Authentication, Catalyst::Plugin::Session
David Kamholz, dkamholz@cpan.org
dkamholz@cpan.org
Yuval Kogman, nothingmuch@woobling.org
nothingmuch@woobling.org
Copyright (c) 2005 the aforementioned authors. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
2 POD Errors
The following errors were encountered while parsing the POD:
'=item' outside of any '=over'
You forgot a '=back' before '=head1'
To install Catalyst::Plugin::Session::PerUser, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Catalyst::Plugin::Session::PerUser
CPAN shell
perl -MCPAN -e shell install Catalyst::Plugin::Session::PerUser
For more information on module installation, please visit the detailed CPAN module installation guide.