Provided by: libmojolicious-perl_7.59+dfsg-1ubuntu1_all bug

NAME

       Mojolicious::Sessions - Session manager based on signed cookies

SYNOPSIS

         use Mojolicious::Sessions;

         my $sessions = Mojolicious::Sessions->new;
         $sessions->cookie_name('myapp');
         $sessions->default_expiration(86400);

DESCRIPTION

       Mojolicious::Sessions manages sessions based on signed cookies for Mojolicious. All data
       gets serialized with Mojo::JSON and stored Base64 encoded on the client-side, but is
       protected from unwanted changes with a HMAC-SHA1 signature.

ATTRIBUTES

       Mojolicious::Sessions implements the following attributes.

   cookie_domain
         my $domain = $sessions->cookie_domain;
         $sessions  = $sessions->cookie_domain('.example.com');

       Domain for session cookies, not defined by default.

   cookie_name
         my $name  = $sessions->cookie_name;
         $sessions = $sessions->cookie_name('session');

       Name for session cookies, defaults to "mojolicious".

   cookie_path
         my $path  = $sessions->cookie_path;
         $sessions = $sessions->cookie_path('/foo');

       Path for session cookies, defaults to "/".

   default_expiration
         my $time  = $sessions->default_expiration;
         $sessions = $sessions->default_expiration(3600);

       Default time for sessions to expire in seconds from now, defaults to 3600.  The expiration
       timeout gets refreshed for every request. Setting the value to 0 will allow sessions to
       persist until the browser window is closed, this can have security implications though.
       For more control you can also use the "expiration" and "expires" session values.

         # Expiration date in seconds from now (persists between requests)
         $c->session(expiration => 604800);

         # Expiration date as absolute epoch time (only valid for one request)
         $c->session(expires => time + 604800);

         # Delete whole session by setting an expiration date in the past
         $c->session(expires => 1);

   deserialize
         my $cb    = $sessions->deserialize;
         $sessions = $sessions->deserialize(sub {...});

       A callback used to deserialize sessions, defaults to "j" in Mojo::JSON.

         $sessions->deserialize(sub {
           my $bytes = shift;
           return {};
         });

   secure
         my $bool  = $sessions->secure;
         $sessions = $sessions->secure($bool);

       Set the secure flag on all session cookies, so that browsers send them only over HTTPS
       connections.

   serialize
         my $cb    = $sessions->serialize;
         $sessions = $sessions->serialize(sub {...});

       A callback used to serialize sessions, defaults to "encode_json" in Mojo::JSON.

         $sessions->serialize(sub {
           my $hash = shift;
           return '';
         });

METHODS

       Mojolicious::Sessions inherits all methods from Mojo::Base and implements the following
       new ones.

   load
         $sessions->load(Mojolicious::Controller->new);

       Load session data from signed cookie.

   store
         $sessions->store(Mojolicious::Controller->new);

       Store session data in signed cookie.

SEE ALSO

       Mojolicious, Mojolicious::Guides, <http://mojolicious.org>.