cppcms_ref/latest/session__interface_8h_source.html

 //
 //  Copyright (C) 2008-2012  Artyom Beilis (Tonkikh) <artyomtnk@yahoo.com>
 //
 //  See accompanying file COPYING.TXT file for licensing details.
 //
 #ifndef CPPCMS_SESSION_INTERFACE_H
 #define CPPCMS_SESSION_INTERFACE_H

 #include <cppcms/defs.h>
 #include <booster/noncopyable.h>
 #include <booster/hold_ptr.h>
 #include <booster/shared_ptr.h>
 #include <cppcms/cstdint.h>
 #include <cppcms/cppcms_error.h>
 #include <cppcms/serialization_classes.h>
 #include <string>
 #include <map>
 #include <set>
 #include <booster/auto_ptr_inc.h>
 #include <sstream>
 #include <typeinfo>

 namespace cppcms {
 namespace impl {
         struct cached_settings;
 }
 namespace http {
         class context;
         class request;
         class response;
         class cookie;
 }

 class session_api;
 class session_pool;

 class CPPCMS_API request_forgery_error : public cppcms_error {
 public:
         request_forgery_error() :
                 cppcms_error("Cross site request forgery detected")
         {
         }
 };


 class CPPCMS_API session_interface_cookie_adapter : public booster::noncopyable {
 public:
         virtual ~session_interface_cookie_adapter();
         virtual void set_cookie(http::cookie const &updated_cookie) = 0;
         virtual std::string get_session_cookie(std::string const &name) = 0;
         virtual std::set<std::string> get_cookie_names() = 0;
 };

 class CPPCMS_API session_interface : private booster::noncopyable {
 public:

         session_interface(session_pool &pool,session_interface_cookie_adapter &adapter);

         session_interface(http::context &);

         ~session_interface();
         bool is_set(std::string const &key);
         void erase(std::string const &key);
         void clear();

         bool is_exposed(std::string const &key);
         void expose(std::string const &key,bool val=true);
         void hide(std::string const &key);

         std::string &operator[](std::string const &key);
         void set(std::string const &key,std::string const &v);

         std::string get(std::string const &key);

         std::string get(std::string const &key,std::string const &default_value);

         template<typename T>
         T get(std::string const &key)
         {
                 std::istringstream ss(get(key));
                 ss.imbue(std::locale::classic());
                 T value;
                 ss>>value;
                 if(ss.fail() || !ss.eof())
                         throw booster::bad_cast();
                 return value;
         }

         template<typename T>
         void set(std::string const &key,T const &value)
         {
                 std::ostringstream ss;
                 ss.imbue(std::locale::classic());
                 ss<<value;
                 set(key,ss.str());
         }

         template<typename Serializable>
         void store_data(std::string const &key,Serializable const &object)
         {
                 std::string buffer;
                 serialization_traits<Serializable>::save(object,buffer);
                 set(key,buffer);
         }

         template<typename Serializable>
         void fetch_data(std::string const &key,Serializable &object)
         {
                 std::string buffer=get(key);
                 serialization_traits<Serializable>::load(buffer,object);
         }

         enum {
                 fixed,
                 renew,
                 browser
         };

         int age();
         void age(int t);
         void default_age();

         int expiration();
         void expiration(int h);
         void default_expiration();

         void on_server(bool srv);

         bool on_server();


         void set_session_cookie(std::string const &data);
         void clear_session_cookie();

         std::string get_session_cookie();

         bool load();

         bool set_cookie_adapter_and_reload(session_interface_cookie_adapter &adapter);

         void save();

         bool is_blocking();

         void reset_session();


         bool validate_csrf_token(std::string const &str);
         void validate_request_origin();

         void request_origin_validation_is_required(bool required);

         std::string get_csrf_token();
         std::string get_csrf_token_cookie_name();

         std::string session_cookie_name();

         std::set<std::string> key_set();
 private:
         friend class http::response;
         friend class http::request;

         void init();

         impl::cached_settings const &cached_settings();

         struct entry;

         typedef std::map<std::string,entry> data_type;
         data_type data_,data_copy_;
         http::context *context_;

         // Cached defaults
         int timeout_val_def_;
         int how_def_;

         // User Values
         int timeout_val_;
         int how_;

         // Information from session data
         time_t timeout_in_;

         uint32_t new_session_ : 1;
         uint32_t saved_ : 1;
         uint32_t on_server_ : 1;
         uint32_t loaded_ : 1;
         uint32_t reset_ : 1;
         uint32_t csrf_checked_ : 1;
         uint32_t csrf_do_validation_ : 1;
         uint32_t csrf_validation_ : 1;
         uint32_t reserved_ : 24;

         std::string temp_cookie_;

         // storage itself

         booster::shared_ptr<session_api> storage_;
         struct _data;
         booster::hold_ptr<_data> d; // for future use

         int cookie_age();
         time_t   session_age();

         void check();
         void update_exposed(bool);


         void set_session_cookie(int64_t age,std::string const &data,std::string const &key=std::string());

         void save_data(std::map<std::string,entry> const &data,std::string &s);
         void load_data(std::map<std::string,entry> &data,std::string const &s);
         std::string generate_csrf_token();
 };

 } // cppcms


 #endif
cppcms::session_interface::fixed
Once the session is created it will expire in age() second from the moment it created.
Definition: session_interface.h:242

booster::hold_ptr< _data >

cppcms::cppcms_error
Exception thrown by CppCMS framework.
Definition: cppcms_error.h:22

cppcms::request_forgery_error
This exception is thrown when CSRF attempt is suspected:
Definition: session_interface.h:42

cppcms::session_interface
This class provides an access to an application for session management.
Definition: session_interface.h:107

cppcms
This is the namespace where all CppCMS functionality is placed.
Definition: application.h:19

cppcms::serialization_traits::load
static void load(std::string const &serialized_object, Object &real_object)

cppcms::http::context
context is a central class that holds all specific connection related information. It encapsulates CGI request and response, cache, session and locale information
Definition: http_context.h:47

cppcms::session_interface_cookie_adapter
Definition: session_interface.h:66

booster::shared_ptr
Definition: log.h:25

cppcms::session_pool
This class provides an access to session management backends an allow customization.
Definition: session_pool.h:35

cppcms::http::response
this class represents all HTTP/CGI response related API, generation of output content and HTTP header...
Definition: http_response.h:36

booster::bad_cast
Same as std::bad_cast but records stack trace.
Definition: backtrace.h:151

cppcms::request_forgery_error::request_forgery_error
request_forgery_error()
Create an exception object.
Definition: session_interface.h:45

cppcms::session_interface::store_data
void store_data(std::string const &key, Serializable const &object)
Definition: session_interface.h:216

cppcms::session_interface::fetch_data
void fetch_data(std::string const &key, Serializable &object)
Definition: session_interface.h:232

cppcms::http::cookie
Class that represents single HTTP Cookie Generally used in context of http::request and http::respons...
Definition: http_cookie.h:27

booster::noncopyable
This class makes impossible to copy any class derived from this one.
Definition: noncopyable.h:15

cppcms::serialization_traits::save
static void save(Object const &real_object, std::string &serialized_object)

cppcms::http::request
This class represents all information related to the HTTP/CGI request.
Definition: http_request.h:37