32

I had a problem with symfony2 session component. I set some data to session through session container like this:

$sess = $this->get( 'session' );
$sess->set( 'some_key', 'some_value' );

But after a little bit of time (about 15-20 minutes) the session got lost.

Can I set session life time parameter? The perfect variant for me would be if I can set certain time of session live period...Can anybody please help?

Muc
  • 1,464
  • 2
  • 13
  • 31
Aleksei Kornushkin
  • 2,219
  • 5
  • 21
  • 18

3 Answers3

58

You can set the session expiration time in your config file under the framework section. Mine looks like this:

config.yml

framework:
  secret:        %secret%
  charset:       UTF-8
  error_handler: null
  csrf_protection:
      enabled: true
  router:        { resource: "%kernel.root_dir%/config/routing.yml" }
  validation:    { enabled: true, annotations: true }
  templating:    { engines: ['twig'] } #assets_version: SomeVersionScheme
  session:
      default_locale: %locale%
      cookie_lifetime: 3600 // was "lifetime" but deprecated
      auto_start:     true

You can change the framework.session.lifetime value to anything you'd like, in seconds (it defaults to 3600, or 1 hour).

Reference here.

SteeveDroz
  • 6,006
  • 6
  • 33
  • 65
Problematic
  • 17,567
  • 10
  • 73
  • 85
  • 5
    Are you sure framework.session.lifetime defaults to one hour? Could you point me to where you see that happening in the code? In Symfony2's `NativeSessionStorage` I see that the defaults come from PHP's `session_get_cookie_params()`, so the default PHP session cookie lifetime will be 0 (expires when browser is closed). Also, it's important to note that even if you change PHP session cookie lifetime, I think you also have to change `session.gc_maxlifetime` in your PHP settings (since that defaults to 1440 sec / 24 min). See http://tinyurl.com/6txls7n – Adam Monsen Mar 12 '12 at 17:48
  • 3
    The Symfony2 session lifetime value defaulted to 3600 when I posted this answer. Checking the [configuration reference](http://symfony.com/doc/current/reference/configuration/framework.html#full-default-configuration), it looks like this has since been increased to 86400. Looks like you're right, though. I see a note saying that `session_get_cookie_params()` will override passed values. – Problematic Mar 12 '12 at 17:59
  • 1
    Look again, session lifetime is `0` by default. Oh, woah, typo. It's also 86,400! I'll send them a patch, looks like someone messed that up. – Adam Monsen Mar 12 '12 at 18:02
  • 3
    Ha, so they did. And check out the [DI configuration](https://github.com/symfony/symfony/blob/master/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php#L161) for the FrameworkBundle... `lifetime` has been deprecated for `cookie_lifetime`... looks like the docs are out of date here. – Problematic Mar 12 '12 at 18:06
  • 1
    Yes, deprecated on master (maybe that's for Symfony2 version 2.1?). Huh... `session_get_cookie_params()` will override passed values... yet another change post Symfony2 v2.0 I'll probably have to adjust to. :) – Adam Monsen Mar 12 '12 at 18:14
  • 1
    I sent them a pull request to fix the doc. https://github.com/symfony/symfony-docs/pull/1142 – Adam Monsen Mar 12 '12 at 18:20
  • just checked it and per default the session gets invalid upon closing the browser – Gigala Jun 19 '15 at 10:41
38

In Symfony 2.3 I think the right answer is found in app/config/config.yml:

framework:
    session:
        cookie_lifetime: 7200
        gc_maxlifetime: 3600

GC (garbage collection) will be reset every time the server is hit, meaning if the user is active, he'll have 3600 to continue working. The cookie_lifetime will force the user to log out in its limit. In this example, the user will have one hour to be inactive and will be forced out in 2 hours.

tirenweb
  • 30,963
  • 73
  • 183
  • 303
Thomas Bennett
  • 647
  • 6
  • 10
5

To work comfortably you can set in dev environment a cookie_lifetime to 0, it means the cookie expires when the browser is closed.

File: config_dev.php

  framework:
        session:
            cookie_lifetime: 0
iarroyo
  • 2,354
  • 24
  • 23