Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to set session timeout in Laravel?

Is there an inherent way to setup sessions to expire after a certain time. My current setup seems to be expiring after 30 minutes and I would like to disable that or at least increase it, but I can't find any places in Laravel where this could be set?

like image 936
coderama Avatar asked Sep 27 '14 05:09

coderama


People also ask

How does laravel session timeout work?

By default in laravel application session timeout value is 120 minutes. Session Timeout simply means Not Used Anymore. When system is idle then session will be destroyed automatically after the given time period.

How do I increase my session lifetime in laravel?

If you want to increase your session life time then we need to change in . env file and it is very easy to change it from configuration file in laravel. laravel provides you session. php file there is we can see 'lifetime' key option for setting time in minutes.

How long does laravel session last?

You need to understand what happened: You've set the lifetime of the sessions to 120 minutes, which means after 120 minutes the session is flushed. The remember_me feature is using cookies. If there is no user session Laravel checks the cookies and recreates the session if the session cookie is still valid.

How do I keep a session alive in laravel?

The alternative would be to set SESSION_LIFETIME=120 in your . env file. I would recommend to set few years like maybe 68 years which is equal to 35791394 minutes. So set it like SESSION_LIFETIME=35791394 .


2 Answers

In app/config/session.php you have:

lifetime

option that allow you to set session expire time in minutes (not in seconds)

'lifetime' => 60, 

means that session will expire after an hour.

There is also one more setting here:

'expire_on_close' => true, 

that decides if session will be expired when browser will be closed.

Other settings you could get interested is also php.ini values of:

session.cookie_lifetime = 0 

and

session.gc_maxlifetime = 1440 

Those are default values.

The first one means how long session cookie will be stored - default value is 0 (until browse is closed). The second option means after how many of seconds PHP may destroy this session data.

I said may because there is one other option session.gc_probability in php.ini file that decides what's the chance of running garbage collector. Be default there is only 1% chance that after 1440 seconds (24 minutes) this session data will be destroyed.

like image 145
Marcin Nabiałek Avatar answered Sep 29 '22 20:09

Marcin Nabiałek


Check your php.ini, it has a value for session.gc_maxlifetime (and also session.cookie_lifetime) that sets a limit on how long PHP will allow sessions to last. When Laravel sets the options, it passes cookie_lifetime as the value set in app/config/session.php.

However, sessions are not expired immediately after the max lifetime is reached. What happens is after that amount of time has passed the session is then available to be removed by the garbage collector.

To solve the issue

One workaround is to check your php.ini file. You may have this variable defined: session.gc_maxlifetime. By default it is set to 1440. Just comment or delete it.

From this time on you session may work properly using your session.php config values.

like image 41
Nadeem_MK Avatar answered Sep 29 '22 22:09

Nadeem_MK