Clever Geek Handbook

ZF3 Session Timeout Error

I ran into a session timeout issue using Zend Framework 3. The session timed out within 5-10 minutes. I used the default session code that the Zf3 skeleton provides in global.php as shown below.

// Session configuration.
'session_config' => [   
  'cookie_lifetime' => 60*60*1, // Session cookie will expire in 1 hour.
  'gc_maxlifetime' => 60*60*1,  // Store session data on server maximum for 1 hour. 
],

// Session manager configuration. 
'session_manager' => 
[
   'validators' => [
      RemoteAddr::class,
      HttpUserAgent::class,
    ]
],

// Session storage configuration.
'session_storage' => [
   'type' => SessionArrayStorage::class 
],

After using the above code, still the session timed out for 5-10 minutes. I need an expired session time of more than 30 minutes. How to set it up in Zf3.

Please provide a solution.

+3


source to share


1 answer


You have the correct settings for the Session Manager, but it is not enough for these session settings to be used as default.

My guess is that you are not making this the default session manager. To do this, you need to instantiate it as soon as possible. One solution would be to do this in the Module.php module

use Zend\Mvc\MvcEvent;
use Zend\Session\SessionManager;

class Module
{
    //...

    /**
     * This method is called once the MVC bootstrapping is complete. 
     */
    public function onBootstrap(MvcEvent $event)
    {
        $application = $event->getApplication();
        $serviceManager = $application->getServiceManager();

        // The following line instantiates the SessionManager and automatically
        // makes the SessionManager the 'default' one.
        $sessionManager = $serviceManager->get(SessionManager::class);
    }
}

Link

EDIT: My second guess is that you are using the global path for your sessions (e.g. / var / lib / php / sessions).

Debian has a cron that can clear sessions according to your php.ini session settings (/etc/cron.d/php).



This cron uses your php.ini "gc_maxlifetime" and possibly cleans up your sessions.

To find out where your sessions are being saved, use session_save_path () . Check this directory for your sessions.

To overcome this, you must set "save_path" and this path should not be shared with other applications or scripts on your server (you don't want another script to use gc global settings or its own, deleting your sessions).

Add to

'save_path'           =>   '/path/to/app/data/sessions'

in your session_config array.

0


source






More articles:


All Articles