{"id":15018378,"url":"https://github.com/perldancer/dancer-session-cookie","last_synced_at":"2025-05-13T16:30:32.965Z","repository":{"id":16563529,"uuid":"19317375","full_name":"PerlDancer/Dancer-Session-Cookie","owner":"PerlDancer","description":"Encrypted cookie-based session backend for Dancer","archived":false,"fork":false,"pushed_at":"2018-03-11T16:58:49.000Z","size":130,"stargazers_count":1,"open_issues_count":2,"forks_count":6,"subscribers_count":13,"default_branch":"releases","last_synced_at":"2025-04-02T04:35:26.098Z","etag":null,"topics":["cookie","dancer","perl","session"],"latest_commit_sha":null,"homepage":"https://metacpan.org/release/Dancer-Session-Cookie","language":"Perl","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PerlDancer.png","metadata":{"files":{"readme":"README.mkdn","changelog":"Changes","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-04-30T15:02:07.000Z","updated_at":"2018-06-18T21:40:51.000Z","dependencies_parsed_at":"2022-09-13T08:40:32.909Z","dependency_job_id":null,"html_url":"https://github.com/PerlDancer/Dancer-Session-Cookie","commit_stats":null,"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PerlDancer%2FDancer-Session-Cookie","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PerlDancer%2FDancer-Session-Cookie/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PerlDancer%2FDancer-Session-Cookie/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PerlDancer%2FDancer-Session-Cookie/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PerlDancer","download_url":"https://codeload.github.com/PerlDancer/Dancer-Session-Cookie/tar.gz/refs/heads/releases","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253981636,"owners_count":21994308,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cookie","dancer","perl","session"],"created_at":"2024-09-24T19:51:53.972Z","updated_at":"2025-05-13T16:30:32.469Z","avatar_url":"https://github.com/PerlDancer.png","language":"Perl","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build Status](https://travis-ci.org/perldancer/Dancer-Session-Cookie.svg?branch=master)](https://travis-ci.org/perldancer/Dancer-Session-Cookie)\n[![AppVeyor Status](https://ci.appveyor.com/api/projects/status/github/perldancer/Dancer-Session-Cookie?branch=master\u0026svg=true)](https://ci.appveyor.com/project/perldancer/Dancer-Session-Cookie)\n\n# NAME\n\nDancer::Session::Cookie - Encrypted cookie-based session backend for Dancer\n\n# VERSION\n\nversion 0.30\n\n# SYNOPSIS\n\nYour `config.yml`:\n\n```\nsession: \"cookie\"\nsession_cookie_key: \"this random key IS NOT very random\"\n```\n\n# DESCRIPTION\n\nThis module implements a session engine for sessions stored entirely\nin cookies. Usually only the **session id** is stored in cookies and\nthe session data itself is saved in some external storage, e.g.\na database. This module allows you to avoid using external storage at\nall.\n\nSince a server cannot trust any data returned by clients in cookies, this\nmodule uses cryptography to ensure integrity and also secrecy. The\ndata your application stores in sessions is completely protected from\nboth tampering and analysis on the client-side.\n\nDo be aware that browsers limit the size of individual cookies, so this method\nis not suitable if you wish to store a large amount of data.  Browsers typically\nlimit the size of a cookie to 4KB, but that includes the space taken to store\nthe cookie's name, expiration and other attributes as well as its content.\n\n# CONFIGURATION\n\nThe setting **session** should be set to `cookie` in order to use this session\nengine in a Dancer application. See [Dancer::Config](https://metacpan.org/pod/Dancer::Config).\n\nAnother setting is also required: **session\\_cookie\\_key**, which should\ncontain a random string of at least 16 characters (shorter keys are\nnot cryptographically strong using AES in CBC mode).\n\nThe optional **session\\_expires** setting can also be passed,\nwhich will provide the duration time of the cookie. If it's not present, the\ncookie won't have an expiration value.\n\nHere is an example configuration to use in your `config.yml`:\n\n```\nsession: \"cookie\"\nsession_cookie_key: \"kjsdf07234hjf0sdkflj12*\u0026(@*jk\"\nsession_expires: 1 hour\n```\n\nCompromising **session\\_cookie\\_key** will disclose session data to\nclients and proxies or eavesdroppers and will also allow tampering,\nfor example session theft. So, your `config.yml` should be kept at\nleast as secure as your database passwords or even more.\n\nAlso, changing **session\\_cookie\\_key** will have an effect of immediate\ninvalidation of all sessions issued with the old value of key.\n\n**session\\_cookie\\_path** can be used to control the path of the session\ncookie.  The default is `/`.\n\nThe global **session\\_secure** setting is honored and a secure (https\nonly) cookie will be used if set.\n\n# DEPENDENCY\n\nThis module depends on [Session::Storage::Secure](https://metacpan.org/pod/Session::Storage::Secure).  Legacy support is provided\nusing [Crypt::CBC](https://metacpan.org/pod/Crypt::CBC), [Crypt::Rijndael](https://metacpan.org/pod/Crypt::Rijndael), [String::CRC32](https://metacpan.org/pod/String::CRC32), [Storable](https://metacpan.org/pod/Storable) and\n[MIME::Base64](https://metacpan.org/pod/MIME::Base64).\n\n# SEE ALSO\n\nSee [Dancer::Session](https://metacpan.org/pod/Dancer::Session) for details about session usage in route handlers.\n\nSee [Plack::Middleware::Session::Cookie](https://metacpan.org/pod/Plack::Middleware::Session::Cookie),\n[Catalyst::Plugin::CookiedSession](https://metacpan.org/pod/Catalyst::Plugin::CookiedSession), [\"session\" in Mojolicious::Controller](https://metacpan.org/pod/Mojolicious::Controller#session) for alternative implementation of this mechanism.\n\n# AUTHORS\n\n- Alex Kapranoff \u003ckappa@cpan.org\u003e\n- Alex Sukria \u003csukria@cpan.org\u003e\n- David Golden \u003cdagolden@cpan.org\u003e\n- Yanick Champoux \u003cyanick@cpan.org\u003e [![endorse](http://api.coderwall.com/yanick/endorsecount.png)](http://coderwall.com/yanick)\n\n# COPYRIGHT AND LICENSE\n\nThis software is copyright (c) 2018, 2015, 2014, 2011 by Alex Kapranoff.\n\nThis is free software; you can redistribute it and/or modify it under\nthe same terms as the Perl 5 programming language system itself.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fperldancer%2Fdancer-session-cookie","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fperldancer%2Fdancer-session-cookie","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fperldancer%2Fdancer-session-cookie/lists"}