I am trying to use CGI::Application::Plugin::Session to create a
session cookie but every time I access the program, I get a new
session. A cookie is set but it doesn't seem to correspond to any in
the SESSION_DIR. I've included what I hope is enough if the code for
some one to figure out what I'm doing wrong.
sub cgiapp_init {
my $self = shift;
# set the config for the session cookies
$self->session_config (
CGI_SESSION_OPTIONS =>
[ "driver:File",$self->query,{Directory=>$CFG{SESSION_DIR}} ],
COOKIE_PARAMS =>
{ -path=>$CFG{COOKIE_PATH},
-expires=>$CFG{SESSION_LENGTH},
-secure=>1 },
SEND_COOKIE => 1 );
}
sub setup {
my $self = shift;
$self->mode_param('rm');
$self->tmpl_path($CFG{TEMPLATE_DIR});
# set allowable run modes
$self->run_modes(
'login' => 'login_page',
'ssl_req' => 'ssl_required',
'authcheck' => 'login_check',
'schedule' => 'schedule',
'services' => 'services',
'envvar' => 'show_env',
'splash' => 'splash_page',
'AUTOLOAD' => 'auto_error_page');
# set the default start mode
if ($ENV{SSL_SESSION_ID}) {
$self->start_mode('schedule');
} else {
$self->start_mode('ssl_req');
}
}
sub teardown {
my $self = shift;
# flush session
$self->session->flush();
}
sub schedule {
my $self = shift;
unless(check_session($self)) {
my $url = "https://"; . $CFG{SELF_URL} . "/?rm=login";
return $self->redirect($url);
}
# etc...
}
sub login {
my $self = shift;
# get login information...
}
sub login_check {
my $self = shift;
# check the request was really a POST
unless ($ENV{REQUEST_METHOD} eq "POST") {
return ww_gonzo_error_page($self,
"Unsafe data transfer attempted");
}
# Check authentication and authorization...
# set inactivity time
$self->session->param('countdown',1);
$self->session->expire('countdown',$CFG{INACTIVITY_TIMER});
# set maximum login time
$self->session->param('max-session',1);
$self->session->expire('max-session',$CFG{SESSION_LENGTH});
# redirect to home page
$url .= "https://"; . $CFG{SELF_URL} . "/?rm=schedule";
return $self->redirect($url);
}
sub check_session {
my $self = shift;
log_page($self);
return 0 unless($self->session->param('countdown'));
return 0 unless($self->session->param('max-session'));
# reset inactivity timer
$self->session->expire('countdown',$CFG{INACTIVITY_TIMER});
return 1;
}
--
Stephen Carville
##### CGI::Application community mailing list ################
## ##
## To unsubscribe, or change your message delivery options, ##
## visit: http://www.erlbaum.net/mailman/listinfo/cgiapp ##
## ##
## Web archive: http://www.erlbaum.net/pipermail/cgiapp/ ##
## Wiki: http://cgiapp.erlbaum.net/ ##
## ##
################################################################
