use web\session\{InFileSystem, ForTesting};
// Instantiate session factory
$sessions= new InFileSystem('/tmp');
$sessions= (new ForTesting())->lasting(3600)->named('psessionid');
// Create a new session
$session= $sessions->create();
// Open an existing session...
if ($session= $sessions->open($sessionId)) { … }
// ...or locate session attached to a request
if ($session= $sessions->locate($request)) { … }
// Basic I/O operations
$session->register('key', 'value');
$value= $session->value('key');
$keys= $session->keys();
$session->remove('key');
// Destroy
$session->destroy();
// Close session...
$session->close();
// ...or close and then transmit session to response.
$session->transmit($response);Ensure you always either call close() or transmit() to have the session data synchronized.
This library includes the following implementations:
web.session.InFileSystem- using the local filesystem with serialized dataweb.session.ForTesting- in-memory sessions, for testing purposes
Other implementations provide solutions for clustering:
- https://github.com/xp-forge/redis-sessions
- https://github.com/xp-forge/mongo-sessions
- https://github.com/xp-forge/cookie-sessions
The Secure flag is set for all session cookies. If you develop on localhost using http only, you will need to tell the sessions instance as follows:
// This will omit the "Secure" flag from session cookies in dev environment
$sessions= new InFileSystem('/tmp');
if ('dev' === $this->environment->profile()) {
$sessions->cookies()->insecure(true);
}