Thanks Matt, I'll definitely try this when I get round to trying to solve this issue.
Where does MyApp::set_athenticated get called from? when the user logs in? no, that can't be it ... you're way ahead of me here :-) ... >> >> 1. checking whether there is an existing session associated this username >> > >> > Session::PerUser ? >> > >> >> I looked briefly at this, but I'm a bit wary because >> C::P::Session::Store::Fastmmap warns against being used with it. What >> is PerUser doing that is special in that respect, and what is a good >> backend for it? >> >> REading the docs for it, it seems like something slightly different - >> keeping the same session in place, even if the user logs in in the >> middle of it, if I understand correctly? > > You want: > > login from elsewhere to log out the same user anywhere else > > It wants: > > any login by the same user "claims" the user's session > > so, if you add in your root auto > > if ($c->user_exists) { > unless ($c->user_session->{sid} eq $c->sessionid) { > $c->logout; > $c->forward('/auth/logged_out'); > return 0; > } > } > > and in MyApp > > sub set_authenticated { > my $self = shift; > $self->next::method(@_); > $self->user_session->{sid} = $self->sessionid; > } > > then you should pretty much be done. > > So far as I can tell, this is perfect for you. You just sometimes get > persistent session data as well (it warns against fastmmap because in the > "persistent session" use case fastmmap is lossy - in yours the lossyness > is irrelevant, you don't care about the persistence feature) > > -- > Matt S Trout Need help with your Catalyst or DBIx::Class project? > Technical Director http://www.shadowcat.co.uk/catalyst/ > Shadowcat Systems Ltd. Want a managed development or deployment platform? > http://chainsawblues.vox.com/ http://www.shadowcat.co.uk/servers/ > > _______________________________________________ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ > Dev site: http://dev.catalyst.perl.org/ > -- There's an infinite supply of time, we just don't have it all yet. _______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/