Jump to content

$config->sessionExpireSeconds does not work

helmut2509

By helmut2509,
in General Support

 Share

Recommended Posts

helmut2509 Sr. Member

helmut2509

Posted
Posted

In my PW-Application there is currently no session timeout.

I want to set the user session to 60 minutes which means that after 60 minutes of inactivity the user will be redirected to the homepage.

so I added the following entry to my config.php: 

$config->sessionExpireSeconds = 120;

(120 seconds is just for testing).

But after five minutes of inactivity I am still logged in, there is no redirection.

Is there anything wrong or did I miss something?

In php.ini I have the entry:

session.cookie_lifetime = 3600

Link to comment
Share on other sites
wbmnfktr Hero Member

wbmnfktr

Posted
Posted
  1. I added $config->sessionExpireSeconds = 120; to my config.php
  2. deleted all cookies and sessions (/site/assets/sessions/)
  3. opened a private window and logged in
  4. waited 2+ minutes
  5. clicked a link and was redirected to the login page

It works in the backend.

How and why there might be a difference in an application or frontend... I don't know. 

Maybe caching, maybing something that keeps the session alive.

Another thing is session()->isLoggedin where did you find that? All I know is $user->isLoggedin().

Maybe you could try: 

if(!$user()->isLoggedin)
   session()->redirect(config()->loginUrl);

 

  • Like 1
Link to comment
Share on other sites
helmut2509 Sr. Member

helmut2509

Posted
  • Author
Posted
11 hours ago, wbmnfktr said:
  1. I added $config->sessionExpireSeconds = 120; to my config.php
  2. deleted all cookies and sessions (/site/assets/sessions/)
  3. opened a private window and logged in
  4. waited 2+ minutes
  5. clicked a link and was redirected to the login page

It works in the backend.

How and why there might be a difference in an application or frontend... I don't know. 

Maybe caching, maybing something that keeps the session alive.

Another thing is session()->isLoggedin where did you find that? All I know is $user->isLoggedin().

Maybe you could try: 


if(!$user()->isLoggedin)
   session()->redirect(config()->loginUrl);

session()->isLoggedin is just a custom variable filled with 'true' after successfull login.

I found out that the session is not being saved in /site/assets/sessions/ but in the sessions table of the processwire database.

But strangely entries are only made at logout, never at login. Even after adding the $session()->login() command nothing changed.

 

 

 

Link to comment
Share on other sites
wbmnfktr Hero Member

wbmnfktr

Posted
Posted
12 hours ago, helmut2509 said:

session()->isLoggedin is just a custom variable filled with 'true' after successfull login.

Try the $user->isLoggedin() option.

12 hours ago, helmut2509 said:

I found out that the session is not being saved in /site/assets/sessions/ but in the sessions table of the processwire database.

But strangely entries are only made at logout, never at login. Even after adding the $session()->login() command nothing changed.

I don't know enough about session handling in ProcessWire and why this is the way it works in your setup.

Which version of ProcessWire are you running? Are there any other broader modifications/custom codes for session or user handling?

Did you install any session related modules that may interfere here?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...