0

I'm using CakePHP v2 on a LAMP server and I appear to have a problem with the session not automatically renewing itself if the user stays active.

In other words, if I set the session cookie to 3 days then the user gets logged out after 3 days even if they've been active the whole time.

At first, I though that this might be the correct behaviour but then when I posted a qustion about it ( Extending the life of the CakePHP Session Cookie ) the only answer I got tended to suggest that the bahaviour I'm experiencing is NOT the default behaviour.

So, presumably I have done something wrong somewhere. Here is what I've put in APP/Config/core.php:

Configure::write('Session', array(
    'defaults' => 'database',
            'cookie' => 'mycookie',
            'timeout' => 4320 //3 days
));

I just want the cookie to stay valid for 3 days from the last activity of the user. What it's doing at the moment is expiring after 3 days even if the user has been active the whole time.

Community
  • 1
  • 1
Joseph
  • 2,737
  • 1
  • 30
  • 56

2 Answers2

1

put this in your afterFilter action in AppController:

$this->Session->renew();

This renews the session cookie.

(Putting it in beforeFilter caused my admin session to expire if i went to frontend for some reason.)

Dieter Gribnitz
  • 5,062
  • 2
  • 41
  • 38
0

I think you need to create a custom session handler to achieve your requirement.(Just simply update the session's expire when read it.)

Young
  • 7,986
  • 7
  • 43
  • 64
  • thanks for this reply. So can I assume from your answer that it definitely shouldn't be doing this already? Last time I asked a question like this I was lead to believe that there must be something wrong with my Cake installation for it not to be doing this already. – Joseph Jun 02 '12 at 09:06
  • @Joseph Yeah there's nothing wrong with your cake.U just need to customize your session.And I believe it would be mentioned in cookbook if there's such a auto-renew mechanism for session. – Young Jun 02 '12 at 09:30
  • After a little more playing around, it looks like Cake *is* doing what I wanted after all. I I create a new 3-day session now, the 'expires' timestamp is '1341546414'. Then, if I refresh the page a few seconds later, the timestamp changes to '1341546435' -- so it must be something else causing the session to expire, not Cake. – Joseph Jul 03 '12 at 03:47
  • Well, yes, it's good news in a way but sadly I still haven't found a complete solution for this. It looks Cake renews the expiry date on the session properly, but the expiry date on the cookie in the browser just doesn't get renewed. I posted a new question about this at http://stackoverflow.com/questions/11304390/cakephp-session-updates-but-cookie-expiry-doesnt – Joseph Jul 04 '12 at 08:07
  • I was working on an old application written on v2.6 and kept facing this problem like @Joseph. Then I came across [this post on Mark's blog](https://www.dereuromark.de/2012/02/02/more-persistent-sessions-in-cake2-x/) which made things more clear. In the end, `session.cookie_lifetime` plays a major role in deciding when the session times out. – Fr0zenFyr Dec 06 '17 at 12:41