How to set session timeout in Laravel?
In app/config/session.php you have:
lifetime
option that allow you to set session expire time in minutes (not in seconds)
'lifetime' => 60,
means that session will expire after an hour.
There is also one more setting here:
'expire_on_close' => true,
that decides if session will be expired when browser will be closed.
Other settings you could get interested is also php.ini values of:
session.cookie_lifetime = 0
and
session.gc_maxlifetime = 1440
Those are default values.
The first one means how long session cookie will be stored - default value is 0 (until browse is closed). The second option means after how many of seconds PHP may destroy this session data.
I said may because there is one other option session.gc_probability in php.ini file that decides what's the chance of running garbage collector. Be default there is only 1% chance that after 1440 seconds (24 minutes) this session data will be destroyed.
Laravel session timeout, extra logout code
You are comparing session lifetime same as in middleware.
That Means when session will expire, your middleware will not(never) called.And user will move to login page.
If you want to save entry in Database, You can set long-time session lifetime, and in middleware use your custom time to logout.
Change in config/session.php
'lifetime' => 525600, // for one year, it will be in minute, use as you want.
Change in middleware as below, log out after two hours.
if (now()->diffInMinutes(session('lastActivityTime')) >= (120) ) { // also you can this value in your config file and use here
if (auth()->check() && auth()->id() > 1) {
$user = auth()->user();
auth()->logout();
$user->update(['is_logged_in' => false]);
$this->reCacheAllUsersData();
session()->forget('lastActivityTime');
return redirect(route('users.login'));
}
}
By this way your session will not expire automatically and you can manipulate data.
Laravel session expire time for each session
You can change the session lifetime, application wide by changing the lifetime value on config/session.php:
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/
'lifetime' => 4320,
'expire_on_close' => false,
Now, if you want to control the session lifetime per user, you need to set this value before logging in the user.
- Try if user exists in database
- If yes, and he is user who needs longer session lifetime, run
config(['session.lifetime' => $newLifetime]);- Log user in
- Enjoy longer session lifetime for current user
— Source
You have to make the above changes in LoginController.
Session expire time in Laravel
Session is renewed every time the session_start(); is called. This will happen when you for example refresh the page, write data to the session etc. Its not 1800 seconds from the time a session is created, and then it closes after 30 minutes. Its 30 minutes from the last time the session was accessed
Related Topics
How Do Check If a PHP Session Is Empty
Check If Laravel Model Got Saved or Query Got Executed
Reusing the Same Curl Handle. Big Performance Increase
PHP Float Calculation Error When Subtracting
How to Detect If Have to Apply Utf-8 Decode or Encode on a String
PHP Remove Elements from Associative Array
Removing Black Borders 4:3 on Youtube Thumbnails
Url Encode Equivalent in Ruby on Rails
PHP Rename Array Keys in Multidimensional Array
Getting List Ips from Cidr Notation in PHP
How to Check If Variable Is Array... or Something Array-Like
Connection Reset by Peer: Mod_Fcgid: Error Reading Data from Fastcgi Server
How to Bulk Update MySQL Data with One Query