The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.

NAME

Catalyst::Plugin::AutoSession - Generate session variables directly from request parameters

SYNOPSIS

    # To set session variables directly from request parameters

    use Catalyst qw(AutoSession Session);

    # Configure the prefix and exclusions

    Admin->config(
        AutoSession => {
            prefix      => 'sess_',
            exclude     => [qw(logged_in_user logged_in_username)],
        },
    );

    # Now any request parameter of the form 'sess_xxxx' will automatically
    # create a session variable 'xxxx' e.g.
    #
    # http://mydomain.com/myapp/?sess_myname=icydee
    #
    # will create a session variable 'myname' equal to 'icydee'

DESCRIPTION

It is frequently useful to have persistant forms, for example a search input field which retains the value of the last search.

To do this it is common to process the request parameters and save the entered value into a session variable. When you re-display the form you set the value from the session variable.

This module automates this process by automatically setting session variables from request parameters that start with a specific prefix.

By default, all $c->request->parameters that start with the prefix sess_ are converted into session variables. The session variables are given the same name as the $c->request->parameters but with the prefix removed.

There may be a security issue in allowing some session variables to be set from a $c->request->parameter. As an example consider a session variable that holds the logged in status of the user, 'loggedInUserId'. If this could be set from the URL then it would bypass the authentication. Any such session variables can be explicitely excluded in the exclude configuration.

EXTENDED METHODS

prepare

Will automatically set session variables based on $c->request->parameters that start with a specified prefix. prepare is called automatically by the Catalyst Engine; the end user will not have to call it directly. (In fact, it should never be called directly by the end user.)

CONFIGURATION

The default prefix is sess_ but this can be changed in the configuration.

By default, all $c->request->parameters that start with this prefix are used to create session variables. Exclude any that you do not want to process by specifying an array of names in the configuration.

    __PACKAGE__->config(
        AutoSession => {
            prefix      => 'sess_',
            exclude     => [qw(logged_in_user logged_in_username)],
        },
    );

In a template

    <input name="sess_search" value="[% c.session.search %]">

Each time a value is input into this search form it will be remembered in a session variable and used to re-populate the form when it is displayed again.

COPYRIGHT & LICENSE

        Copyright (c) 2005 the aforementioned authors. All rights
        reserved. This program is free software; you can redistribute
        it and/or modify it under the same terms as Perl itself.