NAME

Catalyst::Plugin::RequestToken - Handling transaction token for Catalyst

SYNOPSIS

in your application class:

use Catalyst qw/Session::FastMmap RequestToken FillForm/;

sub input : Local {
    my ( $self, $c ) = @_;

    $c->stash->{template} = 'input.html';
    $c->forward('MyApp::V::TT');
}

sub confirm : Local {
    my ( $self, $c ) = @_;

    $c->create_token;
    $c->stash->{template} = 'confirm.html';
    $c->forward('MyApp::V::TT');
    $c->fillform;
}

sub complete : Local {
    my ( $self, $c ) = @_;

    if ($c->validate_token) {
        $c->res->output('Complete');
    } else {
        $c->res->output('Invalid Token');
    }
    $c->remove_token;
}

input.html TT template: <html> <body> <form action="confirm" method="post"> <input type="submit" name="submit" value="confirm"/> </form> </body> </html>

confirm.html TT template: <html> <body> <form action="complete" method="post"> <input type="hidden" name="token"/> <input type="submit" name="submit" value="complete"/> </form> </body> </html>

DESCRIPTION

This plugin create, remove and validate transaction token, to be used for enforcing a single request for some transaction, for exapmle, you can prevent duplicate submits.

Note: This plugin uses Data::UUID for creating transaction token for each request.

This plugin requires a session plugin like Catalyst::Plugin::Session::FastMmap to store server side token.

EXTENDED METHODS

setup

You can configure name both of session and request. Default name is 'token'.

METHODS

create_token

Create new token.

remove_token

Remove token from server side session.

validate_token

Validate token.

SEE ALSO

Catalyst, Data::UUID, Catalyst::Plugin::Session::FastMmap

AUTHOR

Hideo Kimura, <hide@hide-k.net>

COPYRIGHT AND LICENSE

Copyright (C) 2005 by Hideo Kimura

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.