NAME
Catalyst::Plugin::RequestToken - Handling transaction token for Catalyst
SYNOPSIS
in your application class:
use Catalyst qw/Session::FastMmap RequestToken FillForm/;
sub input : Local {
my ( $self, $c ) = @_;
$c->stash->{template} = 'input.html';
$c->forward('MyApp::V::TT');
}
sub confirm : Local {
my ( $self, $c ) = @_;
$c->create_token;
$c->stash->{template} = 'confirm.html';
$c->forward('MyApp::V::TT');
$c->fillform;
}
sub complete : Local {
my ( $self, $c ) = @_;
if ($c->validate_token) {
$c->res->output('Complete');
} else {
$c->res->output('Invalid Token');
}
$c->remove_token;
}root/input.html TT template:
<html>
<body>
<form action="confirm" method="post">
<input type="submit" name="submit" value="confirm"/>
</form>
</body>
</html>root/confirm.html TT template:
<html>
<body>
<form action="complete" method="post">
<input type="hidden" name="token"/>
<input type="submit" name="submit" value="complete"/>
</form>
</body>
</html>DESCRIPTION
This plugin create, remove and validate transaction token, to be used for enforcing a single request for some transaction, for exapmle, you can prevent duplicate submits.
Note: This plugin uses Data::UUID for creating transaction token for each request. Also this plugin requires a session plugin like Catalyst::Plugin::Session::FastMmap to store server side token.
EXTENDED METHODS
- setup
-
You can configure name both of session and request. Default name is 'token'.
METHODS
- create_token
-
Create new token.
- remove_token
-
Remove token from server side session.
- validate_token
-
Validate token.
SEE ALSO
Catalyst, Data::UUID, Catalyst::Plugin::Session::FastMmap
AUTHOR
Hideo Kimura, <hide@hide-k.net>
COPYRIGHT AND LICENSE
Copyright (C) 2005 by Hideo Kimura
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.