rajeshr has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I am developing an application with CGI::Application and HTML Templating system. Could you please help me in creating the sessions and session management. It would be a great help. I have user id and password and wanted to invalidate them after certain amount of time/on pressing 'Logout', so that un-authorized user can't enter the application.

Replies are listed 'Best First'.
Re: Session Management in CGI::Application
by csuhockey3 (Curate) on Nov 11, 2004 at 07:12 UTC
Re: Session Management in CGI::Application
by Anneq (Vicar) on Nov 15, 2004 at 00:01 UTC

    Perhaps try something like this in your cgiapp_prerun():

    sub cgiapp_prerun { my $self = shift; # Make CGI params avail my $q = $self->query(); # Open existing session (from cgi cookie id) or open new session my $session = new CGI::Session(undef, $q, {Directory=>'tmp'}); $session->expire('+1h'); # Set Cookie containing session id my $cookie = $q->cookie(CGISESSID => $session->id); # C::A method to send send HTTP properties directly to head +er $self->header_props(-cookie => $cookie); # Reset some session, C::A, & CGI params if user just logged out if ($q->param('rm') eq 'logout') { $session->param('logged_in' => 0); $self->prerun_mode($self->param( 'default_rm')); # Reset other params } # Make session params available to other subs & modules $self->param(session => $session); }


Re: Session Management in CGI::Application
by Bovine (Initiate) on Nov 11, 2004 at 10:18 UTC

    I dont know much about CGI::Application, but with CGI, what youre saying sounds easy.

    Cookies seem to be your solution. When a user signs on, give 'em a cookie which expires when the browser closes. Have your CGI(s) be cookie-aware and all sounds like it should be well.

    Look at the docs for the CGI::cookie function.