NAME
    Dancer2::Session::Cookie - Dancer 2 session storage in secure cookies

VERSION
    version 0.004

SYNOPSIS
      # In Dancer 2 config.yml file

      session: Cookie
      engines:
        session:
          Cookie:
            secret_key: your secret passphrase
            default_duration: 604800

DESCRIPTION
    This module implements a session factory for Dancer 2 that stores
    session state within a browser cookie. Features include:

    *   Data serialization and compression using Sereal

    *   Data encryption using AES with a unique derived key per cookie

    *   Enforced expiration timestamp (independent of cookie expiration)

    *   Cookie integrity protected with a message authentication code (MAC)

    See Session::Storage::Secure for implementation details and important
    security caveats.

ATTRIBUTES
  secret_key (required)
    This is used to secure the cookies. Encryption keys and message
    authentication keys are derived from this using one-way functions.
    Changing it will invalidate all sessions.

  default_duration
    Number of seconds for which the session may be considered valid. If
    "cookie_duration" is not set, this is used instead to expire the session
    after a period of time, regardless of the length of the browser session.
    It is unset by default, meaning that sessions expiration is not capped.

SEE ALSO
    CPAN modules providing cookie session storage (possibly for other
    frameworks):

    *   Dancer::Session::Cookie -- Dancer 1 equivalent to this module

    *   Catalyst::Plugin::CookiedSession -- encryption only

    *   HTTP::CryptoCookie -- encryption only

    *   Mojolicious::Sessions -- MAC only

    *   Plack::Middleware::Session::Cookie -- MAC only

    *   Plack::Middleware::Session::SerializedCookie -- really just a
        framework and you provide the guts with callbacks

SUPPORT
  Bugs / Feature Requests
    Please report any bugs or feature requests through the issue tracker at
    <https://github.com/dagolden/dancer2-session-cookie/issues>. You will be
    notified automatically of any progress on your issue.

  Source Code
    This is open source software. The code repository is available for
    public review and contribution under the terms of the license.

    <https://github.com/dagolden/dancer2-session-cookie>

      git clone git://github.com/dagolden/dancer2-session-cookie.git

AUTHOR
    David Golden <dagolden@cpan.org>

COPYRIGHT AND LICENSE
    This software is Copyright (c) 2013 by David Golden.

    This is free software, licensed under:

      The Apache License, Version 2.0, January 2004