sub cgiapp_prerun
{
my $self = shift;
my $q = $self->query();
# Open existing session from cookie id, or open new session
my $session = new CGI::Session(undef, $q, {Directory=>'/tmp'});
# Delete session if user requested logout
if ($q->param('rm') eq 'logout')
{
$session->delete();
# Start new session
$session = new CGI::Session(undef, undef, {Directory=>'/tmp'});
# Set session as logged out
$session->param(-name=> 'logged_in', -value => 0);
# Change run mode to default run mode
$self->prerun_mode('default');
}
$session->expire('+1h');
my $cookie = $q->cookie(CGISESSID => $session->id);
# Send cookie in header
$self->header_props(-cookie => $cookie);
# Make session params available to other subs & modules
$self->param(session => $session);
}
A separate validation run mode, which is used to validate both registrations and logins, sets the session parameter 'logged_in' to true if registration or logon was successful.
Pretty simple and it works. I haven't checked out Apache::Session yet so I don't konw which one would be best to use.
UPDATE:
I've just came across this node which recommends using CGIS::Application because it's CGI::Session enabled CGI::Application. Though I haven't looked at it yet so can't give any opinion on which one would be best.
HTH,
Anne |