[Catalyst] Duplicate session ids
Bill Moseley
moseley at hank.org
Mon Jul 9 04:03:45 GMT 2007
On Sat, May 26, 2007 at 03:49:23PM -0700, mla wrote:
> Try changing Catalyst::Plugin::Session::finalize() to this:
>
> sub finalize {
> my $c = shift;
>
> $c->NEXT::finalize(@_);
> $c->finalize_session;
> }
>
> Just flipped the calls so it finalizes last. Seems to fix it.
That's what .16 now has.
But, if finalize calls finalize_headers then calling finalize_session
after that is too late to get the cookies in the response. Which is
why I'm not seeing a cookie in the response.
Well, I get a cookie sent on the first request. I assume that's
because my first request is asking for session info (when there is not
yet) which ends up calling set_session_id and that calls
update_session_cookie.
But once I have a cookie (and thus a session) no more cookies are
sent.
The problem I had was I wanted access to the session data while
processing cookies which by that time the session data had been
cleared.[1]
Should it be like this instead?
sub finalize {
my $c = shift;
$c->finalize_session;
$c->NEXT::finalize(@_);
$c->_clear_session_instance_data;
}
sub finalize_session {
my $c = shift;
$c->NEXT::finalize_session;
$c->_save_session_id;
$c->_save_session;
$c->_save_flash;
$c->_save_session_expires;
}
[1] The result was when I tried to access the session a new session
would then be created -- so my session id was ever-changing and I
could never log in.
--
Bill Moseley
moseley at hank.org
More information about the Catalyst
mailing list