Revision: Tue, 18 Feb 2020 08:24:29 GMT

HTTP - Session

Default application skeleton enables session integration by default.

If you need to enable session it in alternative bundle require composer package spiral/session and add bootloader Spiral\Bootloader\Http\SessionBootloader into your app.

SessionInterface

User session can be accessed using context specific object Spiral\Session\SessionInterface:

use Spiral\Session\SessionInterface;

// ...

public function index(SessionInterface $session)
{
    $session->resume();
    echo $session->getID();
}

You are not allowed to store session reference in singleton objects. See the workaround below.

Session Section

By default, you are not allowed to work with session directly, but rather allocate the isolated and named section which provides classing set, get, delete and etc functionality. Use getSection of session object for this purposes:

public function index(SessionInterface $session)
{
    $cart = $session->getSection('cart');

    $cart->set('items', ['my-items']);

    dump($cart->getAll());
}

Session Scope

To simplify the usage of session in singleton services and controllers use Spiral\Session\SessionScope. This component is also available via prototype property session. The component can be used within singleton services and always point to active session context:

namespace App\Controller;

use Spiral\Prototype\Traits\PrototypeTrait;

class HomeController
{
    use PrototypeTrait;

    public function index()
    {
        dump($this->session->getSection('cart')->getAll());
    }
}

Session Lifecycle

The session will be automatically started on first data access and committed when request will leave SessionMiddleware. To control session manually use methods of Spiral\Session\SessionInterface object.

SessionScope fully implements SessionInterface.

Resume session

To manually resume/create session:

$this->session->resume();

Commit

To manually commit and close the session:

$this->session->commit();

Abort

To discard all the changes and close the session:

$this->session->abort();

Get Session ID

To get session ID (only when session resumed):

dump($this->session->getID());

To check if session has been started:

dump($this->session->isStarted());

Destroy

To destroy the session and all the content:

$this->session->destroy();

Regenerate ID

To issue new session ID without affecting the session content:

$this->session->regenerateID();

Custom Configuration

To alter session configuration create file app/config/session.php to change needed values:

<?php

declare(strict_types=1);

use Spiral\Core\Container\Autowire;
use Spiral\Session\Handler\FileHandler;

return [
    'lifetime' => 86400,
    'cookie'   => 'sid',
    'secure'   => false,
    'handler'  => new Autowire(
        FileHandler::class,
        [
            'directory' => directory('runtime') . 'session',
            'lifetime'  => 86400
        ]
    )
];

Custom Session Handler

The session component based on native PHP session implementation. By default, session content is stored in file system in runtime/session directory.

To change the session storage driver use any SessionHandlerInterface compatible handler.

<?php
return [
    'handler' => MyHandlerClass::class
];

You can use Autowire instead of class name to configure additional parameters.

Edit this page