Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Symfony 3.4 session time

In my Symfony 3.4 application, the user is automatically logged out after a certain period of time. I want to change this behaviour and make my application never log out automatically. It should log out the session only when the user clicks on the logout link.

I have read the documentation and tried by setting the cookie_lifetime but it is not working for me. If anybody worked on this area please suggest how to proceed.

Updates:

I'm using this documentation page http://symfony.com/doc/master/components/http_foundation/session_configuration.html#session-lifetime

I'm using Symfony 3.4 flex based project.

I'm setting the configurations in config/packages/framework.yml. The configurations are as follows:

framework:
    session:
        handler_id: ~
        cookie_lifetime: 31536000
        gc_maxlifetime: 31536000
like image 701
N. Karthic Kannan Avatar asked Mar 16 '18 14:03

N. Karthic Kannan


1 Answers

After a long debugging, I found out that the following configuration is telling Symfony to use the default PHP save handler and the default session file path.

framework:
    session:
        handler_id: ~

Hence Symfony session files are being stored in /var/lib/php/sessions directory. In Debian based operating systems, a cron job is deleting the session files every half an hour. This cron job is identifying the active sessions based on the PIDs associated with apache2 and updating the last accessed time and last modification time of these active session files only.

Then the same cron job is deleting the session files which are having the last modification time before the gc_maxlifetime i.e; inactive sessions. The main problem is that gc_maxlifetime is determined based on the php.ini files only but not considering the Symfony's .yaml files. Hence the configurations in Symfony's .yaml files are ignored and the PHP's gc_maxlifetime is used.

This makes the session files being deleted after 20 minutes to 30 minutes. To fix this problem, I have updated the .yaml configurations as follows:

framework:
    session:
        handler_id: session.handler.native_file
        save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
        cookie_lifetime: 31536000
        gc_maxlifetime: 31536000

Now the session files are not stored inside the default /var/lib/php/sessions directory and hence the cron job is not deleting the session files. Now Symfony is taking care of this session handling job and it works perfectly now.

like image 138
N. Karthic Kannan Avatar answered Oct 15 '22 09:10

N. Karthic Kannan