Perl CGI – Session and Cookie howto

Perl CGI – Session and Cookie howto

Introduction –

Almost  2 year back (today also!)  I struggled a lot for implementing session and cookie in Perl CGI application.  So thought to share my work with you all. I wanted to do it in my way…

Assumption, your web server ie Apache is enabled to run CGI scripts

CGI directory location – /var/application/www/cgi-bin/
Htdocs location – /var/application/www/
Perl Module direcotry – /var/application/module/

Step 1] Write Auth.pm Perl module –

Please simply copy following Auth.pm perl module for authentication using Session and Cookies…

[root@arun ~]# cat /var/application/module/Auth.pm

package Auth;

### Subroutine to authenticate user
sub  User
{
my ($ref_page) = (@_);
### Session information
my $sid = $ref_page->cookie("APP_SID") || undef;
my $session = CGI::Session->load(undef,$sid);
if ( $session->is_expired ) { print $ref_page->redirect(-location => '../arun.html');}
elsif ( $session->is_empty) { print $ref_page->redirect(-location => '../arun.html');}
else { print $ref_page->header();}
# don't forget to create dir '/var/tmp'
# with proper ownership/permission
#$session = new CGI::Session(undef, $sid, {Directory=>'/var/tmp'});
#################################################
return($session->param('login_user'));
}

1;
[root@arun ~]#

Step 2] authe_me.pl –

authe_me.pl file is used to set cookies and verify username/password. You may use MySQL DB to store username and password.  In this case you have to this file…

[root@arun ~]# cat /var/application/www/cgi-bin/auth_me.pl
#!/usr/bin/perl

sub BEGIN
{
unshift (@INC, '/var/application/module/');
}

use strict;
use warnings;
use CGI qw(:standard);
use CGI::Session;
use Auth; ## our module

### Header
########################
my $page = CGI->new();
##print $page->header();

##########
if ( $ENV{REQUEST_METHOD} eq "POST" )
{
my %form;
my $session_dir="/var/tmp";
 my ($admin_user,$admin_password) = ("admin","arun123");

foreach my $key (param()) { $form{$key} = param($key);}
##
if (($form{username}) && ($form{password}))
{

### Session Details ###
CGI::Session->name("APP_SID");
## Create new session
my $session = new CGI::Session(undef, undef, {Directory=>$session_dir});
 ## Set cookies
my $cookie = $page->cookie(-name=>$session->name(),-value=>$session->id(),-expires=>'+2h',-path=>'/');
## Store data in session variable and save it
$session->param('login_user',$form{username}); # OR
##$session->param(-name=>'login_user',-value=>$form{username});
$session->save_param($page, ["login_user"]);

## Session and Cookie expiration time is SAME.
$session->expire("+2h");
#### Session Details end ####

## if login successful redirect to main.pl else login page
if (($form{username} eq $admin_user) and ($form{password} eq $admin_password))
{ print $page->redirect(-location => 'main.pl',-cookie=>$cookie);}
else { print $page->redirect(-location => '../arun.html'); }
############################
} else { print $page->redirect(-location => '../arun.html'); }
}

[root@arun ~]#

Step 3] Create Login Page –

[root@arun ~]# cat /var/application/www/arun.html
<html>
<title>Arun Login Page</title>

<!-- Form start -->
<table align='center' border='1'>
<form method="POST" action="cgi-bin/auth_me.pl">
<tr>
<td><label>Login</label></td>
<td><input name="username" type="text"></td>
</tr>
<tr>
<td><label>Password</label></td>
<td><input name="password" type="password"><br/></td>
</tr>
<tr>
<td><input value="Submit" type="submit"></td>
</tr>

</form>
</table>

</html>

[root@arun ~]#

Step 4] Create main page where Session and Cookie authentication verified – main.pl

[root@arun ~]# cat /var/application/www/cgi-bin/main.pl
#!/usr/bin/perl

sub BEGIN
{
unshift (@INC, '/var/application/module/');
}

use strict;
use warnings;
use CGI qw(:standard);
use CGI::Session;
use Auth;

### Header
my $page = CGI->new();
## check authentication
my $login_name=Auth::User($page);
###
print $page->start_html( -title=>'Arun Main Page');

print "<h3>This is Main Page</h3></br>";
print "<br>Login Name - $login_name";

#end
[root@arun ~]#

Step 5] Please access login page and try http://your_ipaddr/arun.html

Thank you,
Arun

Similar Posts:

2 Replies to “Perl CGI – Session and Cookie howto”

  1. hey actually i have made a online tool so how to maintain session. when user choose something on 1st page nd then submit it then it ll call another page and again after submitting the form it will do calculation and call final page. how to maintain session in this.

Leave a Reply

Your email address will not be published.