6

I'm struggling to accomplish the following: Alter the user's session cookie expiry date based on the user's type.

I have a CakePHP web application wherein I have created my authentication component (instead of CakePHP's Auth) using CakePHP sessions. I've configured CakePHP to handle sessions using the database.

Here are the relevant configuration settings that I have in my config.php:

Configure::write('Session.save', 'database');
Configure::write('Session.timeout', '36');
Configure::write('Security.level', 'medium');

How do I extend the session cookie expiry date AND update the value in the "expires" column in the "sessions" table?

sharmil
  • 689
  • 1
  • 8
  • 21
  • maybe this can help: 'high' Session timeout in 'Session.timeout' x 10; 'medium' Session timeout in 'Session.timeout' x 100; 'low' Session timeout in 'Session.timeout' x 300; – del_dan Feb 15 '12 at 12:42
  • 1
    This may help too: http://www.dereuromark.de/2012/02/02/more-persistent-sessions-in-cake2-x/ – Costa Feb 20 '12 at 01:47

2 Answers2

6

Go in app/config/core.php

In this file search for,

Configure::write('Session.timeout', '120');

Session time out time (in seconds), by default it is 120 seconds. You can edit it here as required. Now the actual timeout duration depends on,

Configure::write('Security.level', 'medium');

if 'high' then Session timeout in 'Session.timeout' x 10, 
if 'medium' then Session timeout in 'Session.timeout' x 100, 
if 'low'    Session timeout in 'Session.timeout' x 300

So by combination of Session.timeout and Security.level you can get the desired session timeout

Vineet
  • 287
  • 2
  • 14
  • 9
    can this be configures on the fly ? say some user with a greater expiry time than others? – arod May 20 '13 at 20:14
4

Find this: app/config/core.php

Change this line to your desired value in minutes:
Configure::write('Session.timeout', '120');

(Since CakePHP 2.3.0 Security.level is no longer used.
Changelog: http://cakephp.org/changelogs/2.3.0)

trante
  • 33,518
  • 47
  • 192
  • 272