I want my sessions either to be long-lived (several months) or, at the user's discretion, only last for the current browser session. Achieving either of these is quite easy, but doing both in one app appears a little trickier.
Am I missing something obvious? It seems to me that the easiest way to implement this might be to add a flag that can be saved to the session - 'browser_session_only' or similar. This would then be checked by the C::P::Session::State::Cookie code (for the individual session) and the correct cookie expiry time set. Happy to provide patches/tests if this is the way to go. Or is there a better way? Cheers, Edmund. PS: Note that setting a shorter ttl on just the '__user' key in the stash using $c->session_expire_key( __user => 3600 ) will not do what I want - which is to limit the cookie's lifetime to the current browser session. PPS: actually implementing what I want is quite simple. You could save a random value to the session under the key 'browser_session_only' and save the same value to a cookie with a lifetime set to the browser session. In your 'auto' you'd then check for the value in the session and if found check for it in the cookie. If there is a mismatch delete the session. But I'd rather do it through the sessions code rather than bolting it on the side. -- Edmund von der Burg - [email protected] mob: +44 7903 420 689 web: http://www.ecclestoad.co.uk/ _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
