Using session with store=>File, it creates a cookie "plack_session." This is working fine except when I want to create a "remember me" checkbox which expires at some point in the distant future instead of when the browser window is closed. In addition, I want to make sure the session cookies are only passed on secure pages but by default it looks like the session cookie is created non-secure which will send it on both secure and non secure requests.
Interestingly, there are methods available on a couple of objects that look like they will allow me to control this:
http://search.cpan.org/~miyagawa/Plack-Middleware-Session-0.30/lib/Plack/Session/State/Cookie.pmThis one has "expires" and "secure" methods. But how do I access this object to call these methods? It looks like the only interface to the session that I have is env->session (or $self->req->session) which returns a hashref, not an instance of Plack::Middleware::Session, Plack::Session, Plack:Session::State::Cookie, or anything else that lets me call methods on it.
I have also found information on setting options like this:
http://stackoverflow.com/questions/29187503/how-to-set-the-expiration-time-for-a-cookie-managed-by-plackmiddlewaresessioHowever, it doesn't seem to be working for me. During the login, I set those options, but the cookie always gets set to expire when the browser window is closed.
Please forgive me as I'm trying to wrap my head around how Plack and PSGI and all this works. I'm having a cognitive disconnect because historically if I want an object I just "use" the class and then instantiate the object with a new() method. All the examples around Plack show an interface like "builder" methods which seem more like global state as opposed to objects on a per-request basis. In addition, frameworks like Kelp and Dancer have me use configuration to enable middleware but I don't have access to where the objects are actually instantiated which makes trying to decipher the documentation more difficult.
Thanks again,
Brian