++ed by:

341 non-PAUSE users.

Sebastian Riedel


Mojolicious::Sessions - Signed cookie based session manager


  use Mojolicious::Sessions;

  my $sessions = Mojolicious::Sessions->new;


Mojolicious::Sessions manages simple signed cookie based sessions for Mojolicious. All data gets serialized with Mojo::JSON and stored on the client-side, but is protected from unwanted changes with a signature.


Mojolicious::Sessions implements the following attributes.

  my $domain = $sessions->cookie_domain;
  $sessions  = $sessions->cookie_domain('.example.com');

Domain for session cookies, not defined by default.

  my $name  = $sessions->cookie_name;
  $sessions = $sessions->cookie_name('session');

Name for session cookies, defaults to mojolicious.

  my $path  = $sessions->cookie_path;
  $sessions = $sessions->cookie_path('/foo');

Path for session cookies, defaults to /.


  my $time  = $sessions->default_expiration;
  $sessions = $sessions->default_expiration(3600);

Default time for sessions to expire in seconds from now, defaults to 3600. The expiration timeout gets refreshed for every request. Setting the value to 0 will allow sessions to persist until the browser window is closed, this can have security implications though. For more control you can also use the expiration and expires session values.

  # Expiration date in epoch seconds from now (persists between requests)
  $c->session(expiration => 604800);

  # Expiration date as absolute epoch time (only valid for one request)
  $c->session(expires => time + 604800);

  # Delete whole session by setting an expiration date in the past
  $c->session(expires => 1);


  my $secure = $sessions->secure;
  $sessions  = $sessions->secure(1);

Set the secure flag on all session cookies, so that browsers send them only over HTTPS connections.


Mojolicious::Sessions inherits all methods from Mojo::Base and implements the following ones.



Load session data from signed cookie.



Store session data in signed cookie.


Mojolicious, Mojolicious::Guides, http://mojolicio.us.