[Catalyst] Session trouble

Bill Moseley moseley at hank.org
Sat Oct 13 01:38:44 GMT 2007 

On Mon, Oct 08, 2007 at 04:18:21PM -0500, Jonathan Rockway wrote:
> Bill Moseley wrote:
> > I noticed jrockway has fixed this in C::P::Session.  Thanks!
> >
> > Any idea when this might get pushed to CPAN?
> >
> > BTW -- I had created a test case some time back.  I'll attach it just
> > in case you want to add to the C::P::S::State::Cookie package.
> 
> nuffin released the updated C::P::S and C::P::S::S::C modules today. 
> Sessions should be happy again!

Hun, one thing still looks a bit odd.


If I make a request with an expired session ID (so a new session id must be
created) then two session ids are generated.

I have overridden calculate_session_cookie_expires() and in that
method I access the session.  That seems to trigger the second
session.  My guess is the session id is being deleted too early in the
request.

Notice that the cookie returned is not the final session.


$ lwp-request -e -H 'Cookie: session_session=303a8ac2d218af37c05e00d939d94969c8f1a735' http://localhost:3000/foo | grep Set-Cookie 
Set-Cookie: session_session=885985c3819b8a702d6e05d8416931036619f313; path=/; expires=Sat, 13-Oct-2007 02:30:49 GMT

got sid from cookie [303a8ac2d218af37c05e00d939d94969c8f1a735]
in sessionid [303a8ac2d218af37c05e00d939d94969c8f1a735]  called from Catalyst::Plugin::Session::_load_session
in sessionid [303a8ac2d218af37c05e00d939d94969c8f1a735]  called from Catalyst::Plugin::Session::_load_session_expires
in sessionid [303a8ac2d218af37c05e00d939d94969c8f1a735]  called from Catalyst::Plugin::Session::delete_session
in sessionid []  called from Catalyst::Plugin::Session::create_session_id_if_needed
in sessionid [885985c3819b8a702d6e05d8416931036619f313]  called from Catalyst::Plugin::Session::_load_session
in sessionid [885985c3819b8a702d6e05d8416931036619f313]  called from Catalyst::Plugin::Session::_load_session_expires
in sessionid [885985c3819b8a702d6e05d8416931036619f313]  called from Catalyst::Plugin::Session::delete_session
in sessionid []  called from Catalyst::Plugin::Session::create_session_id_if_needed
in sessionid [5c981550654a8a9effdf66574f8d165e93b76cc0]  called from Catalyst::Plugin::Session::_save_session_expires
in sessionid [5c981550654a8a9effdf66574f8d165e93b76cc0]  called from Catalyst::Plugin::Session::_save_session

So notice that the returned cookie was the second one.
But that's not the session id that was stored.  It's the last one that
was stored:

$ lwp-request -e -H 'Cookie: session_session=5c981550654a8a9effdf66574f8d165e93b76cc0' http://localhost:3000/foo | grep Set-Cookie 
Set-Cookie: session_session=5c981550654a8a9effdf66574f8d165e93b76cc0; path=/; expires=Sat, 13-Oct-2007 02:35:26 GMT

got sid from cookie [5c981550654a8a9effdf66574f8d165e93b76cc0]
in sessionid [5c981550654a8a9effdf66574f8d165e93b76cc0]  called from Catalyst::Plugin::Session::_load_session
in sessionid [5c981550654a8a9effdf66574f8d165e93b76cc0]  called from Catalyst::Plugin::Session::_load_session_expires
in sessionid [5c981550654a8a9effdf66574f8d165e93b76cc0]  called from Catalyst::Plugin::Session::extend_session_expires
in sessionid [5c981550654a8a9effdf66574f8d165e93b76cc0]  called from Catalyst::Plugin::Session::_save_session_expires
in sessionid [5c981550654a8a9effdf66574f8d165e93b76cc0]  called from Catalyst::Plugin::Session::_save_session


The reason I want to access the session in
calculate_session_cookie_expires() is to set the value based on some
setting in the session.



package Session;
use strict;
use warnings;
use Catalyst::Runtime;
use Catalyst (
    'Cache',                    # Configurable cache system
    'Cache::Store::FastMmap',   # Since FastMmap doesn't conform to Cache standards
    'Session',                  # Session Management
    'Session::Store::Cache',    # Use the cache to store sessions
    'Session::State::Cookie',   # And use cookies for state.
);
__PACKAGE__->config(
    name    => 'Session',
    cache   => {
        backends => {
            default => {
                store => 'FastMmap',
            },
        },
    },
);
__PACKAGE__->setup;


sub default : Private {
    my ( $self, $c ) = @_;
    $c->res->body( "setting session\n" );
    $c->session->{bar} = time; # Trigger session write
}

sub calculate_session_cookie_expires {
    my $c = shift;

    my $x = $c->session->{foo};

    return $c->NEXT::calculate_session_cookie_expires;
}

1;


-- 
Bill Moseley
moseley at hank.org

More information about the Catalyst mailing list