Mailing List Archive

Look up Catalyst::Plugin::Session - there's a method in there which is
called in runtime.

2011/4/4 Edmund von der Burg <evdb@ecclestoad.co.uk>:
> I want my sessions either to be long-lived (several months) or, at the
> user's discretion, only last for the current browser session.
> Achieving either of these is quite easy, but doing both in one app
> appears a little trickier.
>
> Am I missing something obvious?
>
> It seems to me that the easiest way to implement this might be to add
> a flag that can be saved to the session - 'browser_session_only' or
> similar. This would then be checked by the
> C::P::Session::State::Cookie code (for the individual session) and the
> correct cookie expiry time set. Happy to provide patches/tests if this
> is the way to go.
>
> Or is there a better way?
>
> Cheers,
>  Edmund.
>
> --
> Edmund von der Burg - evdb@ecclestoad.co.uk
> mob: +44 7903 420 689
> web: http://www.ecclestoad.co.uk/
>
> _______________________________________________
> Catalyst-dev mailing list
> Catalyst-dev@lists.scsys.co.uk
> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
>

_______________________________________________
Catalyst-dev mailing list
Catalyst-dev@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev

On 4 April 2011 13:07, Boris G. Kolesnikov <kolesnikov.boris@gmail.com> wrote:
> Look up Catalyst::Plugin::Session - there's a method in there which is
> called in runtime.

Please treat me as very stupid and point me at the method - I don't
seem to be able to work out which one you mean.

Cheers,
Edmund.


> 2011/4/4 Edmund von der Burg <evdb@ecclestoad.co.uk>:
>> I want my sessions either to be long-lived (several months) or, at the
>> user's discretion, only last for the current browser session.
>> Achieving either of these is quite easy, but doing both in one app
>> appears a little trickier.
>>
>> Am I missing something obvious?
>>
>> It seems to me that the easiest way to implement this might be to add
>> a flag that can be saved to the session - 'browser_session_only' or
>> similar. This would then be checked by the
>> C::P::Session::State::Cookie code (for the individual session) and the
>> correct cookie expiry time set. Happy to provide patches/tests if this
>> is the way to go.
>>
>> Or is there a better way?
>>
>> Cheers,
>>  Edmund.
>>
>> --
>> Edmund von der Burg - evdb@ecclestoad.co.uk
>> mob: +44 7903 420 689
>> web: http://www.ecclestoad.co.uk/
>>
>> _______________________________________________
>> Catalyst-dev mailing list
>> Catalyst-dev@lists.scsys.co.uk
>> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
>>
>
> _______________________________________________
> Catalyst-dev mailing list
> Catalyst-dev@lists.scsys.co.uk
> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
>



--
Edmund von der Burg - evdb@ecclestoad.co.uk
mob: +44 7903 420 689
web: http://www.ecclestoad.co.uk/

_______________________________________________
Catalyst-dev mailing list
Catalyst-dev@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev

On 5 April 2011 07:59, Boris G. Kolesnikov <kolesnikov.boris@gmail.com> wrote:
> http://search.cpan.org/~bobtfish/Catalyst-Plugin-Session-0.31/lib/Catalyst/Plugin/Session.pm#METHODS
>
> session_expire_key $key, $ttl
> Mark a key to expire at a certain time (only useful when shorter than
> the expiry time for the whole session).
>
> For example:
>
>    __PACKAGE__->config('Plugin::Session' => { expires => 10000000000
> }); # "forever"
>    (NB If this number is too large, Y2K38 breakage could result.)
>
>    # later
>
>    $c->session_expire_key( __user => 3600 );
>
> This is what you do in your code, in configuration you put it as long
> as possible, here you mark the shorted ttl value :)

Yeah - I thought you may have meant that. Except that doing that won't
change the cookie so that it gets deleted when the users quits the
browser. Anyone coming along within an hour of the last request on
that computer could start the browser and resume the session.

This is a problem that needs to be fixed on the cookie. A short TTL in
the session store is also a good idea but not sufficient.

I note I've probably posted this question to the wrong list. I'll
repost a clearer version on the general Catalyst list to get wider
opinions.

Cheers,
Edmund.



> 2011/4/4 Edmund von der Burg <evdb@ecclestoad.co.uk>:
>> On 4 April 2011 13:07, Boris G. Kolesnikov <kolesnikov.boris@gmail.com> wrote:
>>> Look up Catalyst::Plugin::Session - there's a method in there which is
>>> called in runtime.
>>
>> Please treat me as very stupid and point me at the method - I don't
>> seem to be able to work out which one you mean.
>>
>> Cheers,
>>  Edmund.
>>
>>
>>> 2011/4/4 Edmund von der Burg <evdb@ecclestoad.co.uk>:
>>>> I want my sessions either to be long-lived (several months) or, at the
>>>> user's discretion, only last for the current browser session.
>>>> Achieving either of these is quite easy, but doing both in one app
>>>> appears a little trickier.
>>>>
>>>> Am I missing something obvious?
>>>>
>>>> It seems to me that the easiest way to implement this might be to add
>>>> a flag that can be saved to the session - 'browser_session_only' or
>>>> similar. This would then be checked by the
>>>> C::P::Session::State::Cookie code (for the individual session) and the
>>>> correct cookie expiry time set. Happy to provide patches/tests if this
>>>> is the way to go.
>>>>
>>>> Or is there a better way?
>>>>
>>>> Cheers,
>>>>  Edmund.
>>>>
>>>> --
>>>> Edmund von der Burg - evdb@ecclestoad.co.uk
>>>> mob: +44 7903 420 689
>>>> web: http://www.ecclestoad.co.uk/
>>>>
>>>> _______________________________________________
>>>> Catalyst-dev mailing list
>>>> Catalyst-dev@lists.scsys.co.uk
>>>> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
>>>>
>>>
>>> _______________________________________________
>>> Catalyst-dev mailing list
>>> Catalyst-dev@lists.scsys.co.uk
>>> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
>>>
>>
>>
>>
>> --
>> Edmund von der Burg - evdb@ecclestoad.co.uk
>> mob: +44 7903 420 689
>> web: http://www.ecclestoad.co.uk/
>>
>



--
Edmund von der Burg - evdb@ecclestoad.co.uk
mob: +44 7903 420 689
web: http://www.ecclestoad.co.uk/

_______________________________________________
Catalyst-dev mailing list
Catalyst-dev@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev

On 4 April 2011 10:43, Edmund von der Burg <evdb@ecclestoad.co.uk> wrote:
> It seems to me that the easiest way to implement this might be to add
> a flag that can be saved to the session - 'browser_session_only' or
> similar. This would then be checked by the
> C::P::Session::State::Cookie code (for the individual session) and the
> correct cookie expiry time set. Happy to provide patches/tests if this
> is the way to go.

It would appear that there was no good standard way to do this.

Attached are patches for code and tests that add the following method
to Catalyst::Plugin::Session::State::Cookie:

set_session_cookie_expire $ttl_in_seconds

$c->set_session_cookie_expire(3600); # set to 1 hour
$c->set_session_cookie_expire(0); # expire with browser session
$c->set_session_cookie_expire(undef); # fallback to default

This lets you change the expiry for the current session’s cookie. You can set a
number of seconds, 0 to expire the cookie when the browser quits or undef to
fallback to the configured defaults. The value you choose is persisted.

Note this value has no effect on the exipry in the session store - it only
affects the cookie itself.


The patch is against the latest from the repo:

URL: http://dev.catalyst.perl.org/repos/Catalyst/Catalyst-Plugin-Session-State-Cookie/trunk
Revision: 13996


I hope that they can be applied soon - let me know if they need any changes :)

Cheers,
Edmund.

Hey, sorry if this has already been mentioned, but what about http://search.cpan.org/~nuffin/Catalyst-Plugin-Session-DynamicExpiry-0.02/lib/Catalyst/Plugin/Session/DynamicExpiry.pm ?

Marcus Ramberg
Chief Yak Shaver
Nordaaker Consulting http://nordaaker.no/

On torsdag 7. april 2011 at 14.04, Edmund von der Burg wrote:
> On 4 April 2011 10:43, Edmund von der Burg <evdb@ecclestoad.co.uk> wrote:
> > It seems to me that the easiest way to implement this might be to add
> > a flag that can be saved to the session - 'browser_session_only' or
> > similar. This would then be checked by the
> > C::P::Session::State::Cookie code (for the individual session) and the
> > correct cookie expiry time set. Happy to provide patches/tests if this
> > is the way to go.
>
> It would appear that there was no good standard way to do this.
>
> Attached are patches for code and tests that add the following method
> to Catalyst::Plugin::Session::State::Cookie:
>
> set_session_cookie_expire $ttl_in_seconds
>
> $c->set_session_cookie_expire(3600); # set to 1 hour
> $c->set_session_cookie_expire(0); # expire with browser session
> $c->set_session_cookie_expire(undef); # fallback to default
>
> This lets you change the expiry for the current session’s cookie. You can set a
> number of seconds, 0 to expire the cookie when the browser quits or undef to
> fallback to the configured defaults. The value you choose is persisted.
>
> Note this value has no effect on the exipry in the session store - it only
> affects the cookie itself.
>
>
> The patch is against the latest from the repo:
>
> URL: http://dev.catalyst.perl.org/repos/Catalyst/Catalyst-Plugin-Session-State-Cookie/trunk
> Revision: 13996
>
>
> I hope that they can be applied soon - let me know if they need any changes :)
>
> Cheers,
> Edmund.
> _______________________________________________
> Catalyst-dev mailing list
> Catalyst-dev@lists.scsys.co.uk
> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
>
> Attachments:
> - set_session_cookie_expire.diff
>
>



_______________________________________________
Catalyst-dev mailing list
Catalyst-dev@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev

On 7 April 2011 13:48, Marcus Ramberg <marcus@nordaaker.com> wrote:
> Hey, sorry if this has already been mentioned, but what about http://search.cpan.org/~nuffin/Catalyst-Plugin-Session-DynamicExpiry-0.02/lib/Catalyst/Plugin/Session/DynamicExpiry.pm ?

Similar - but there is one key difference. I want to be able to change
a cookie so that when a browser is quit it is deleted at once - by
setting the expiry to '0'. But the user should also be able to have a
persistant cookie if they want. For both scenarios the ttl of the
session could be nice and long, distinct from the cookie behaviour.

Something like DynamicExpiry comes close in that it lets you set a low
ttl, but it does not allow you to change the expiry in the cookie to
'0'.

I think that as this behaviour is so cookie specific it belongs in the
cookie state code. Certainly it is something that the DynamicExpiry
code could use to change the cookie's properties.

Hope that makes sense :)

Cheers,
Edmund.


> Marcus Ramberg
> Chief Yak Shaver
> Nordaaker Consulting http://nordaaker.no/
>
> On torsdag 7. april 2011 at 14.04, Edmund von der Burg wrote:
>> On 4 April 2011 10:43, Edmund von der Burg <evdb@ecclestoad.co.uk> wrote:
>> > It seems to me that the easiest way to implement this might be to add
>> > a flag that can be saved to the session - 'browser_session_only' or
>> > similar. This would then be checked by the
>> > C::P::Session::State::Cookie code (for the individual session) and the
>> > correct cookie expiry time set. Happy to provide patches/tests if this
>> > is the way to go.
>>
>> It would appear that there was no good standard way to do this.
>>
>> Attached are patches for code and tests that add the following method
>> to Catalyst::Plugin::Session::State::Cookie:
>>
>> set_session_cookie_expire $ttl_in_seconds
>>
>>  $c->set_session_cookie_expire(3600); # set to 1 hour
>>  $c->set_session_cookie_expire(0); # expire with browser session
>>  $c->set_session_cookie_expire(undef); # fallback to default
>>
>> This lets you change the expiry for the current session’s cookie. You can set a
>> number of seconds, 0 to expire the cookie when the browser quits or undef to
>> fallback to the configured defaults. The value you choose is persisted.
>>
>> Note this value has no effect on the exipry in the session store - it only
>> affects the cookie itself.
>>
>>
>> The patch is against the latest from the repo:
>>
>> URL: http://dev.catalyst.perl.org/repos/Catalyst/Catalyst-Plugin-Session-State-Cookie/trunk
>> Revision: 13996
>>
>>
>> I hope that they can be applied soon - let me know if they need any changes :)
>>
>> Cheers,
>>  Edmund.
>> _______________________________________________
>> Catalyst-dev mailing list
>> Catalyst-dev@lists.scsys.co.uk
>> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
>>
>> Attachments:
>> - set_session_cookie_expire.diff
>>
>>
>
>
>
> _______________________________________________
> Catalyst-dev mailing list
> Catalyst-dev@lists.scsys.co.uk
> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
>



--
Edmund von der Burg - evdb@ecclestoad.co.uk
mob: +44 7903 420 689
web: http://www.ecclestoad.co.uk/

_______________________________________________
Catalyst-dev mailing list
Catalyst-dev@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev