How to extend session cookie lifetime in Symfony?

Question

On accessing session data on the server side, its modified_time gets set, therefore extending its expiration time into the future.

However, this does not happen for PHPSESSID cookie. While session data expiration on the server side is extended, the cookie expiration is not. If the cookie expires, the user will lose his session - he will have no session ID to give when sending a request.

Is there any way to tell Symfony\Component\HttpFoundation\Session\Session to extend the cookie expiration date?

• Can this be done for the same session ID? Or will we have to regenerate it (seems inefficient to do for many users X many requests)?
• Should I set it myself manually (disregarding the OOP principles)

I've found $request->getSession()->getMetadataBag() and tried setting stampNew(), but this does not seem to interact with the PHPSESSID cookie.

Answer 1

You can change in the config.yml files under the session key, as example:

# session configuration
session:
    cookie_lifetime:    3600

From the doc:

cookie_lifetime

type: integer default: null

This determines the lifetime of the session - in seconds. The default value - null - means that the session.cookie_lifetime value from php.ini will be used. Setting this value to 0 means the cookie is valid for the length of the browser session.

More info in the doc here