Yii users being logged out after 15-30 minutes despite session timeouts being set to at least 1 day

Question

I've included the relevent parts of our Yii config file below:

return array( ...     'components'=>array(         'session' => array(             'timeout' => 86400,         ),         'user'=>array(             'allowAutoLogin' => true,             'autoRenewCookie' => true,             'authTimeout' => 31557600,         ),     ...     ), ... ); 

I have also been into php.ini and set session.gc_maxlifetime = 86400 but this still hasn't fixed the problem.

Currently, Im absolutely at a loss as to what else could be causing it to timeout and log the user out after roughly 15-30 minutes of inactivity. Ideally users should remain logged in for at least a day of inactivity (and beyond closing the browser window, browser preferences allowing).

I've trawled google, Yii and stack overflow and just can't find anything that I'm overlooking... but clearly I am overlooking something. If anyone can help me out I'd be very grateful.

---

A sample of typical code that we are using to log in the users was requested and is included below:

$identity = new UserIdentity('facebook', $id, $user->name, $user->email); $loggedIn = Yii::app()->user->login($identity); $this->subscriptionChecker->updateCurrentUserSubscribed(); 

This is pretty typical of any time that Yii::app()->user->login() is called

---

From Chrome, here are the cookies I have for the site and their expiries (after clearing all cookies and just logging in):

PHPSESSID expires When the browsing session ends  // I'm informed these are set by google analytics   __utma created Friday, 12 October 2012 14:05:31 expires Sunday, 12 October 2014 14:05:31  __utmb created Friday 12 October 2012 14:05:31 expires Friday 12 October 2012 14:35:31,  __utmc created Friday, 12 October 2012 14:05:31 expires When the browsing session ends  __utmz created Friday 12 October 2012 14:05:31 expires Saturday 13 April 2013 02:05:31   // end google analytics 

Answer 1

http://www.yiiframework.com/doc/api/1.1/CWebUser#login-detail

Thanks to help from Arfeen who pointed me in the right direction, unless you set the second parameter of Yii::app()->user->login() it turns out that Yii will not use a persistent cookie, as the second parameter defaults to 0. This default 0-value overrides anything else you might have set to do with timeouts.

Answer 2

I had a identical problem, even if i make authTimeout 3600 * 24 ( 24 hours ) the user still making logout in about 30 minutes. I discovered that on php.ini there is a option:

session.gc_maxlifetime

for default this options is 24 minutes, so i changed for what i needed

session.gc_maxlifetime = 86400

24 hours. Problem Solved for me.

Hope this could help someone!