5

Is there a way in Laravel 5.7 to find out how much time a user has left before their current session expires?

EDITED

I also want to check when the current session expires for guests as well as logged in users.

Also, in the current answers, there seem to be conflicting ideas that a session will expire exactly "SESSION_LIFETIME" minutes after login, while others are thinking that the session expires after the last user activity. It would be good to clarify which is correct. Then also how to then get the last activity time and what classifies as activity on the session.

Also, I think Session::activity() has been removed in Laravel 5.7.

POSSIBLE SOLUTION

Thanks to @bharat-geleda below, this is a working solution if you are using Laravel 5.7 and storing sessions within the DB.

$last_activity = \DB::table('sessions')->select('last_activity')->where('id', session()->getId())->first()->last_activity;

$session_time_remaining_minutes = ($last_activity + (\Config::get('session.lifetime') * 60) - time()) / 60;

dd($session_time_remaining_minutes);

I'm currently unclear when 'last_activity' gets updated though, it isn't happening on page refresh.

alexmcfarlane
  • 1,016
  • 2
  • 13
  • 33
  • You can use `Session::activity()` to get the time when the last session activity was done. – Bharat Geleda Mar 19 '19 at 17:39
  • @BharatGeleda Session::activity() seems to be removed in 5.7 – alexmcfarlane Mar 19 '19 at 18:19
  • @BharatGeleda I looked at the 'Check for Session timeout in Laravel' question, but I want to find out the time remaining to expiry, not if its expired or not. So I think this is a different question. – alexmcfarlane Mar 19 '19 at 18:20
  • 2
    Well if you can get the last activity, you can calculate the pending time something like so `Session::activity() + (Config::get('session.lifetime') * 60) - time()` – Bharat Geleda Mar 19 '19 at 18:37
  • Seems like there's no other way other than using the DB, that too if you're using database to store session. Or storing a custom param in Session swhich changes with every change to the Session. – Bharat Geleda Mar 19 '19 at 18:43
  • 2
    If you're using DB, you can use something like this `DB::table('sessions')->select('last_activity')->where('id', $request->session()->get('id'))->first();` to get the last activity – Bharat Geleda Mar 19 '19 at 18:44

3 Answers3

2

Add two columns in your authentication table(users) for example session_start_time and session_end_time

now when user login update current timestamp in session_start_time and add minutes according to your config/sessions.php (SESSION_LIFETIME);

so from differnce of current time and session_end_time you can get remaining time.

you can use carbon for timestamp and for difference

Akash Kumar Verma
  • 3,185
  • 2
  • 16
  • 32
2

So I know that this is an old one but I thought I'd share the solution I've come up with. I've implemented a middleware that updates the session variable "session_expiry" to be the current time plus the session.lifetime on the outbound phase of each request (after the request is processed). Throughout processing the request you can therefore check this session variable to check how much time is left. Below is a fragment from the middleware handle() method (you will see I only apply this to authenticated sessions):

// Return trip middleware
    $response = $next($request);

    // Update session expiry after request has been processed
    if (auth()->check())
    {
        $expiry = (new \Carbon\Carbon())->addMinutes(config('session.lifetime'));
        session()->put('session_expiry', $expiry);
    }
    elseif (session()->has('session_expiry'))
    {
        session()->forget('session_expiry');
    }

    return $response;

This updates with all requests, including AJAX and API requests. I've then presented a route for an ajax call to check if the session is still valid. With a timer that is set for 1 minute longer than the lifetime it enables the application to log out gracefully if the session has expired but remain active if other tabs have kept it alive. This timer is reset automatically after every AJAX call with the $(document).ajaxComplete method.

T Bertie
  • 31
  • 3
1

If you would know when the user logged in, storing it in database users table, and you would know from config/sessions.php how long your session is before it expires, putting two together will allow you to compute how long it is before the users session expire.

george2019
  • 11
  • 1