Modify session cookie expiry and session timeout for a CakePHP session

Question

I'm struggling to accomplish the following: Alter the user's session cookie expiry date based on the user's type.

I have a CakePHP web application wherein I have created my authentication component (instead of CakePHP's Auth) using CakePHP sessions. I've configured CakePHP to handle sessions using the database.

Here are the relevant configuration settings that I have in my config.php:

Configure::write('Session.save', 'database');
Configure::write('Session.timeout', '36');
Configure::write('Security.level', 'medium');

How do I extend the session cookie expiry date AND update the value in the "expires" column in the "sessions" table?

Answer 1

Go in app/config/core.php

In this file search for,

Configure::write('Session.timeout', '120');

Session time out time (in seconds), by default it is 120 seconds. You can edit it here as required. Now the actual timeout duration depends on,

Configure::write('Security.level', 'medium');

if 'high' then Session timeout in 'Session.timeout' x 10, 
if 'medium' then Session timeout in 'Session.timeout' x 100, 
if 'low'    Session timeout in 'Session.timeout' x 300

So by combination of Session.timeout and Security.level you can get the desired session timeout

Answer 2

Find this: app/config/core.php

Change this line to your desired value in minutes:
Configure::write('Session.timeout', '120');

(Since CakePHP 2.3.0 Security.level is no longer used.
Changelog: http://cakephp.org/changelogs/2.3.0)