堆栈内存溢出
  简体   繁体   English

当使用Dancer :: Session :: Cookie在Dancer(Perl)中空闲时如何销毁cookie?

[英]How to destroy cookies when idle in Dancer (Perl) using Dancer::Session::Cookie?

 原文  2014-09-22 20:30:52       perl/ session/ cookies/ dancer/ expired-cookies

问题描述

Is there a built-in way to destroy a session cookie generated by Dancer::Session::Cookie after a certain amount of minutes of it being idle? 在闲置一定时间后,是否有内置方法可以销毁Dancer::Session::Cookie生成的会话cookie? I noticed that it doesn't even destroy the session when I restart either the Nginx or Starman server, which is not what I want (for security reasons). 我注意到当我重新启动Nginx或Starman服务器时,它甚至都没有破坏会话,这不是我想要的(出于安全原因)。

If there is no built in way is there anything inherently wrong with storing the last time the session was active in an SQL database and updating it after every action? 如果没有内置的方式,那么在SQL数据库中存储会话的上次活动时间并在每次操作后对其进行更新是否有天生的错误? Then if more than 15 minutes or so have gone by without that entry being updated the session cookie will be destroyed (with session->destroy). 然后,如果超过15分钟左右而又没有更新该条目,则会话cookie将被销毁(使用session-> destroy)。 That doesn't seem like the best solution but maybe that's the only way. 这似乎不是最好的解决方案,但这也许是唯一的方法。 From my understanding you can also manually set a cookie expiration time in the HTTP header but that would only destroy the cookie on the client-side, correct? 根据我的理解,您还可以在HTTP标头中手动设置cookie过期时间,但这只会破坏客户端的cookie,对吗?

1 个解决方案

解决方案1
 0  2014-09-23 02:46:30

I think you want to do the reverse. 我想你想做相反的事情。

When you generate the cookie, use the expires attribute to set it to, say, "15 minutes": 生成Cookie时,请使用expires属性将其设置为“ 15分钟”:

https://metacpan.org/pod/Dancer::Cookie#expires https://metacpan.org/pod/Dancer::Cookie#expires

Then every time you do something for that session, call the Dancer::Cookie init method: 然后,每次为该会话执行操作时,请调用Dancer :: Cookie init方法:

https://metacpan.org/pod/Dancer::Cookie#init https://metacpan.org/pod/Dancer::Cookie#init

... to refresh the cookie (if you're not using the default path, pass in the path). ...刷新cookie(如果您未使用默认路径,请输入该路径)。

The user's browser should expire the cookie for you after the given time. 在给定的时间之后,用户的浏览器应为您终止Cookie。

(I have not actually tried this, but the code implies it should work - the documentation for the init method could certainly be clearer) (我实际上并没有尝试过,但是代码暗示它应该可以工作-init方法的文档肯定会更清楚)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Perl Dancer会话Cookie - Perl Dancer Session Cookies 如何进行Perl Dancer测试 - How to run a Perl Dancer Test Perl Dancer-仍在使用端口3000 - Perl Dancer - still using port 3000 使用Perl Dancer的应用程序生命周期是什么? - What is the application life cycle using Perl Dancer? 无法使用Perl Dancer的fcgi运行应用 - Can not run app using fcgi of perl Dancer 在 Perl Dancer 应用程序中使用集成的 Windows 身份验证 - Using Integrated Windows Authentication in a Perl Dancer App 使用Plack :: Runner的Apache服务器上的Perl Dancer - Perl Dancer on Apache server using Plack::Runner 如何在Perl Dancer应用程序中改进身份验证 - How to improve authentication in a Perl Dancer app 如何在Perl Dancer应用程序中加密配置文件? - How to encrypt config file in a Perl Dancer application? Perl Dancer如何管理表单动作 - Perl Dancer how to manage form actions
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM