Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Catalyst: Users

Implementing a 'remember me on this computer' button

  

 
Catalyst users RSS feed   Index | Next | Previous | View Threaded


evdb at ecclestoad

Apr 5, 2011, 7:16 AM

Post #1 of 5 (312 views)
Permalink
Implementing a 'remember me on this computer' button
I want my sessions either to be long-lived (several months) or, at the
user's discretion, only last for the current browser session.
Achieving either of these is quite easy, but doing both in one app
appears a little trickier.

Am I missing something obvious?

It seems to me that the easiest way to implement this might be to add
a flag that can be saved to the session - 'browser_session_only' or
similar. This would then be checked by the
C::P::Session::State::Cookie code (for the individual session) and the
correct cookie expiry time set. Happy to provide patches/tests if this
is the way to go.

Or is there a better way?

Cheers,
Edmund.

PS: Note that setting a shorter ttl on just the '__user' key in the
stash using $c->session_expire_key( __user => 3600 ) will not do what
I want - which is to limit the cookie's lifetime to the current
browser session.

PPS: actually implementing what I want is quite simple. You could save
a random value to the session under the key 'browser_session_only' and
save the same value to a cookie with a lifetime set to the browser
session. In your 'auto' you'd then check for the value in the session
and if found check for it in the cookie. If there is a mismatch delete
the session. But I'd rather do it through the sessions code rather
than bolting it on the side.

--
Edmund von der Burg - evdb [at] ecclestoad
mob: +44 7903 420 689
web: http://www.ecclestoad.co.uk/

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/


moseley at hank

Apr 5, 2011, 7:49 AM

Post #2 of 5 (294 views)
Permalink
Re: Implementing a 'remember me on this computer' button [In reply to]
On Tue, Apr 5, 2011 at 7:16 AM, Edmund von der Burg
<evdb [at] ecclestoad>wrote:

> I want my sessions either to be long-lived (several months) or, at the
> user's discretion, only last for the current browser session.
> Achieving either of these is quite easy, but doing both in one app
> appears a little trickier.
>

I have used a separate remember me cookie that effectively will auto-login
the user. That's very simple to implement. It doesn't save any session
state that way, but avoiding the login is often what users are after rather
than remembering the exact state of the session. Not sure how useful that
would be for someone returning days later.



--
Bill Moseley
moseley [at] hank


samuel.c.kaufman at gmail

Apr 5, 2011, 10:13 PM

Post #3 of 5 (291 views)
Permalink
Re: Implementing a 'remember me on this computer' button [In reply to]
http://search.cpan.org/~mstrout/Catalyst-Plugin-Session-State-Cookie-0.17/lib/Catalyst/Plugin/Session/State/Cookie.pm
"cookie_expires

Number of seconds from now you want to elapse before cookie will
expire. Set to 0 to create a session cookie, ie one which will die
when the user's browser is shut down."
Sounds pretty simple to me.



On Tue, Apr 5, 2011 at 10:49 AM, Bill Moseley <moseley [at] hank> wrote:
>
>
> On Tue, Apr 5, 2011 at 7:16 AM, Edmund von der Burg <evdb [at] ecclestoad> wrote:
>>
>> I want my sessions either to be long-lived (several months) or, at the
>> user's discretion, only last for the current browser session.
>> Achieving either of these is quite easy, but doing both in one app
>> appears a little trickier.
>
> I have used a separate remember me cookie that effectively will auto-login the user.  That's very simple to implement.  It doesn't save any session state that way, but avoiding the login is often what users are after rather than remembering the exact state of the session.  Not sure how useful that would be for someone returning days later.
>
> --
> Bill Moseley
> moseley [at] hank
>
> _______________________________________________
> List: Catalyst [at] lists
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
> Dev site: http://dev.catalyst.perl.org/
>

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/


evdb at ecclestoad

Apr 7, 2011, 4:20 AM

Post #4 of 5 (271 views)
Permalink
Re: Implementing a 'remember me on this computer' button [In reply to]
On 6 April 2011 06:13, Sam Kaufman <samuel.c.kaufman [at] gmail> wrote:
> http://search.cpan.org/~mstrout/Catalyst-Plugin-Session-State-Cookie-0.17/lib/Catalyst/Plugin/Session/State/Cookie.pm
> "cookie_expires
>
> Number of seconds from now you want to elapse before cookie will
> expire. Set to 0 to create a session cookie, ie one which will die
> when the user's browser is shut down."
> Sounds pretty simple to me.

That is a configuration parameter and so gets set at startup and is
applied to all cookies from then on. I want to be able to change the
expiry for an particular cookie so that some sessions persist and
others don't.

Cheers,
Edmund

> On Tue, Apr 5, 2011 at 10:49 AM, Bill Moseley <moseley [at] hank> wrote:
>>
>>
>> On Tue, Apr 5, 2011 at 7:16 AM, Edmund von der Burg <evdb [at] ecclestoad> wrote:
>>>
>>> I want my sessions either to be long-lived (several months) or, at the
>>> user's discretion, only last for the current browser session.
>>> Achieving either of these is quite easy, but doing both in one app
>>> appears a little trickier.
>>
>> I have used a separate remember me cookie that effectively will auto-login the user.  That's very simple to implement.  It doesn't save any session state that way, but avoiding the login is often what users are after rather than remembering the exact state of the session.  Not sure how useful that would be for someone returning days later.
>>
>> --
>> Bill Moseley
>> moseley [at] hank
>>
>> _______________________________________________
>> List: Catalyst [at] lists
>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>> Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
>> Dev site: http://dev.catalyst.perl.org/
>>
>
> _______________________________________________
> List: Catalyst [at] lists
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
> Dev site: http://dev.catalyst.perl.org/
>



--
Edmund von der Burg - evdb [at] ecclestoad
mob: +44 7903 420 689
web: http://www.ecclestoad.co.uk/

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/


edencardim at gmail

Apr 11, 2011, 12:24 PM

Post #5 of 5 (261 views)
Permalink
Re: Implementing a 'remember me on this computer' button [In reply to]
>>>>> "Edmund" == Edmund von der Burg <evdb [at] ecclestoad> writes:

Edmund> That is a configuration parameter and so gets set at startup and is
Edmund> applied to all cookies from then on. I want to be able to change the
Edmund> expiry for an particular cookie so that some sessions persist and
Edmund> others don't.

You can always manipulate the session cookies manually. Use
$c->get_session_cookie, it returns a CGI::Simple::Cookie.

--8<---------------cut here---------------start------------->8---
->config->{Plugin::Session::State::Cookie}{cookie_expires} = 0;

$c->authenticate;
$c->get_session_cookie->expires($ttl) if $remember_user;
--8<---------------cut here---------------end--------------->8---

Should do the trick.

--
Eden Cardim Need help with your Catalyst or DBIx::Class project?
Code Monkey http://www.shadowcat.co.uk/catalyst/
Shadowcat Systems Ltd. Want a managed development or deployment platform?
http://blog.edencardim.com/ http://www.shadowcat.co.uk/servers/

_______________________________________________
List: Catalyst [at] lists
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst [at] lists/
Dev site: http://dev.catalyst.perl.org/

Catalyst users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.