Apache::Session::Generate::ModUsertrack - mod_usertrack for session ID generation

Apache-Session documentation Contained in the Apache-Session distribution.

Index

Code Index:

NAME

Top

Apache::Session::Generate::ModUsertrack - mod_usertrack for session ID generation

SYNOPSIS

Top

  use Apache::Session::Flex;

  tie %session, 'Apache::Session::Flex', $id, {
      Store     => 'MySQL',
      Lock      => 'Null',
      Generate  => 'ModUsertrack',
      Serialize => 'Storable',
      ModUsertrackCookieName => 'usertrack', # optional
  };

DESCRIPTION

Top

Apache::Session::Generate::ModUsertrack enables you to use cookie tracked by mod_usertrack as session id for Apache::Session framework. This module fits well with long-term sessions, so better using RDBMS like MySQL for its storage.

CONFIGURATION

Top

This module accepts one extra configuration option.

ModUsertrackCookieName

Specifies cookie name used in mod_usertrack. Apache for default, so change this if you change it via CookieName directive in mod_usertrack.

LIMITATION WITHOUT MOD_PERL

Top

This module first tries to fetch named cookie, but will in vain ONLY WHEN the HTTP request is the first one from specific client to the mod_usertrack enabled Apache web server. It is because if the request is for the first time, cookies are not yet baked on clients.

If you run scripts under mod_perl, this module tries to steal (not yet baked) cookie from Apache request notes.

See Apache for details.

AUTHOR

Top

Tatsuhiko Miyagawa <miyagawa@bulknews.net>

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

SEE ALSO

Top

Apache::Session, Apache::Session::Flex, mod_usertrack

Apache-Session documentation Contained in the Apache-Session distribution. 
package Apache::Session::Generate::ModUsertrack;

use strict;
use vars qw($VERSION);
$VERSION = '0.02';

use CGI::Cookie;
use constant MOD_PERL => exists $ENV{MOD_PERL};

sub generate {
    my $session = shift;

    my $name = $session->{args}->{ModUsertrackCookieName} || 'Apache';
    my %cookies = CGI::Cookie->fetch;

    if (!exists $cookies{$name} && MOD_PERL) {
	# no cookies, try to steal from notes
	require Apache;
	my $r = Apache->request;
	%cookies = CGI::Cookie->parse($r->notes('cookie'));
    }

    unless ($cookies{$name}) {
	# still bad luck
	require Carp;
	Carp::croak('no cookie found. Make sure mod_usertrack is enabled.');
    }
    $session->{data}->{_session_id} = $cookies{$name}->value;
}

sub validate {
    my $session = shift;

    # remote_host (or remote_addr) + int
    $session->{data}->{_session_id} =~ /^[\d\w\.]+\.\d+$/
	or die "invalid session id: $session->{data}->{_session_id}";
}

1;
__END__