Is there an inherent way to setup sessions to expire after a certain time. My current setup seems to be expiring after 30 minutes and I would like to disable that or at least increase it, but I can't find any places in Laravel where this could be set?
By default in laravel application session timeout value is 120 minutes. Session Timeout simply means Not Used Anymore. When system is idle then session will be destroyed automatically after the given time period.
If you want to increase your session life time then we need to change in . env file and it is very easy to change it from configuration file in laravel. laravel provides you session. php file there is we can see 'lifetime' key option for setting time in minutes.
You need to understand what happened: You've set the lifetime of the sessions to 120 minutes, which means after 120 minutes the session is flushed. The remember_me feature is using cookies. If there is no user session Laravel checks the cookies and recreates the session if the session cookie is still valid.
The alternative would be to set SESSION_LIFETIME=120 in your . env file. I would recommend to set few years like maybe 68 years which is equal to 35791394 minutes. So set it like SESSION_LIFETIME=35791394 .
In app/config/session.php
you have:
lifetime
option that allow you to set session expire time in minutes (not in seconds)
'lifetime' => 60,
means that session will expire after an hour.
There is also one more setting here:
'expire_on_close' => true,
that decides if session will be expired when browser will be closed.
Other settings you could get interested is also php.ini
values of:
session.cookie_lifetime = 0
and
session.gc_maxlifetime = 1440
Those are default values.
The first one means how long session cookie will be stored - default value is 0 (until browse is closed). The second option means after how many of seconds PHP may destroy this session data.
I said may because there is one other option session.gc_probability
in php.ini
file that decides what's the chance of running garbage collector. Be default there is only 1% chance that after 1440 seconds (24 minutes) this session data will be destroyed.
Check your php.ini, it has a value for session.gc_maxlifetime (and also session.cookie_lifetime) that sets a limit on how long PHP will allow sessions to last. When Laravel sets the options, it passes cookie_lifetime
as the value set in app/config/session.php
.
However, sessions are not expired immediately after the max lifetime is reached. What happens is after that amount of time has passed the session is then available to be removed by the garbage collector.
To solve the issue
One workaround is to check your php.ini
file. You may have this variable defined: session.gc_maxlifetime
. By default it is set to 1440. Just comment or delete it.
From this time on you session may work properly using your session.php config values.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With