How to configure a session timeout
Task
Automatically terminate a user's session after a specific period of inactivity.
Solution
-
Add session factories and configuration to your application via a module config or
config/autoloadfile:return [
'service_manager' => [
'factories' => [
// Configures the default SessionManager instance
'Laminas\Session\ManagerInterface' => 'Laminas\Session\Service\SessionManagerFactory',
// Provides session configuration to SessionManagerFactory
'Laminas\Session\Config\ConfigInterface' => 'Laminas\Session\Service\SessionConfigFactory',
],
],
'session_manager' => [
// SessionManager config: validators, etc
],
'session_config' => [
// Set the session and cookie expiries to 15 minutes
'cache_expire' => 900,
'cookie_lifetime' => 900,
],
]; -
In
Application\Module::onBootstrap, pull an instance of the SessionManager. This will inject the properly-configured SessionManager instance as the default for all new session containers.public function onBootstrap(MvcEvent $e)
{
$manager = $e->getApplication()->getServiceManager()->get('Laminas\Session\ManagerInterface');
}
Alternatively, you could use an external module such as HtSession instead of a manual configuration.