/ 
PAGI-0.001020
River stage one • 2 direct dependents • 2 total dependents
/ PAGI::Middleware::Session::State::Cookie

NAME

PAGI::Middleware::Session::State::Cookie - Cookie-based session ID transport

SYNOPSIS

use PAGI::Middleware::Session::State::Cookie;

my $state = PAGI::Middleware::Session::State::Cookie->new(
    cookie_name    => 'pagi_session',
    cookie_options => { httponly => 1, path => '/', samesite => 'Lax' },
    expire         => 3600,
);

# Extract session ID from request
my $id = $state->extract($scope);

# Inject Set-Cookie header into response
$state->inject(\@headers, $id, {});

DESCRIPTION

Implements the PAGI::Middleware::Session::State interface using HTTP cookies for session ID transport. The session ID is read from the Cookie request header and set via the Set-Cookie response header.

CONFIGURATION

  • cookie_name (default: 'pagi_session')

    Name of the cookie used to store the session ID.

  • cookie_options (default: { httponly => 1, path => '/', samesite => 'Lax' })

    Cookie attributes applied when setting the response cookie.

  • expire (default: 3600)

    Max-Age value for the session cookie, in seconds.

extract

my $session_id = $state->extract($scope);

Find the Cookie header in $scope->{headers} (case-insensitive), parse the cookie string, and return the value matching cookie_name. Returns undef if no matching cookie is found.

inject

$state->inject(\@headers, $id, \%options);

Format a Set-Cookie string and push ['Set-Cookie', $cookie_string] onto the provided headers arrayref.

clear

$state->clear(\@headers);

Expire the session cookie by pushing a Set-Cookie header with Max-Age=0. Called when a session is destroyed.

SEE ALSO

PAGI::Middleware::Session::State - Base state interface

PAGI::Middleware::Session - Session management middleware