Yii2 session expires after user is idle for a fixed seconds despite session timeouts being set to at least 20 minutes

Question

    'user' => [
        'enableAutoLogin' => true,
        'identityCookie' => ['name' => '_identity-backend', 'httpOnly' => true],
    ],
    'session' => [

        'timeout'=>24*60*60,
    ],

I have already added these codes in my config/main file

Is this whole configuration for user and session you've got? Have you checked your current PHP settings for sessions? See [this question](http://stackoverflow.com/questions/520237/how-do-i-expire-a-php-session-after-30-minutes) for some tips. — Bizley, Jan 11 '17 at 10:09

score 1 · Answer 1 · answered Jan 11 '17 at 13:37

My answer employs the user of Yii2 user authentication module.

According to the API documentation for the login method for Yii2, the login method sets the identity cookie to be session based, since the default duration is 0.

public boolean login ( yii\web\IdentityInterface $identity, $duration = 0 )

However, by specifying the duration when calling the login method, the cookie is stored for the duration specified. As long as cookie-based login is enabled, the user's login would refreshed. See example below.

if(Yii::$app->getUser()->login($user, 24 * 60 * 60)) {
    // Login Successful, perform appropriate action here
}

Yii2 session expires after user is idle for a fixed seconds despite session timeouts being set to at least 20 minutes

1 Answers1