setting and extending Session Lifetime using Zend_Auth

php zend-framework session zend-auth lifetime

10,130

Solution 1

Authentication state is stored in the registered Auth Storage. By default this is Zend_Session. You can set an expiration time to the Zend_Auth namespace, e.g.

$namespace = new Zend_Session_Namespace('Zend_Auth');
$namespace->setExpirationSeconds(300);

You can also globally configure Zend_Session via

Zend_Session::setOptions(array(
    'cookie_lifetime' => 300,
    'gc_maxlifetime'  => 300));

Solution 2

If you are using different namespace for zend_auth session you can do it like this:

$auth = Zend_Auth::getInstance ();
$auth->setStorage ( new Zend_Auth_Storage_Session ( 'user' ) );

$namespace = new Zend_Session_Namespace('user');
$namespace->setExpirationSeconds(7200); // 2 hours

10,130

Author by

Hannes

http://www.lautr.com ... yepp

Updated on June 12, 2022

Comments

Hannes almost 2 years

i use Zend_Auth for one of my Projects, but so far haven't figured out how to set the Lifetime for the Session, or how to extend it (lets say it should run 5 minutes and should reset to that when the user makes an action), here is my Initialization code:

        $authAdapter = new Zend_Auth_Adapter_DbTable($this->_model->pdo);
        $authAdapter->setTableName('normal_folks')
           ->setIdentityColumn('username')
           ->setCredentialColumn('password');

        $post = $this->_request->getPost();

        $authAdapter->setIdentity($post['username'])
            ->setCredential($post['password']);
        $auth = Zend_Auth::getInstance();
        $result = $auth->authenticate($authAdapter);

        if($result->isValid())
        {
            $userInfo = $authAdapter->getResultRowObject(null, 'password');
            $authStorage = $auth->getStorage();
            $authStorage->write($userInfo);

            if(strlen($post['refferer']) > 1){
                header("Location: ".$post['refferer']);
            }elseif(strlen($this->_request->getParam('ref_action')) > 1){
                Zend_Controller_Action::_forward($this->_request->getParam('ref_action'),"admin",null,null);
            }else{
                Zend_Controller_Action::_forward("index","admin",null,null);
            }
        }

Ant this how i check if the user is logged in:

                if(Zend_Auth::getInstance()->hasIdentity()){
                    echo "Woho!";
                }else{
                    die("invalid-identity");
                }

Its probably right there in front of me but I just can't figure it out, help? Please? Pretty Please? :D

Hannes over 13 years

Also any how i can "refresh" that lifetime in Case of an Action?
Gordon over 13 years

@Hannes I think the expiration time will refresh with each request automatically, so simply updating the page will give you another 300 seconds then.
Hannes over 13 years

btw. small typo there ;) $namespace = new Zend_Session_Namespace('Zend_Auth'); And yes you are right, it does reset every time its called, for whatever reason your second solution did not work (put it int the init() ) - but the first one works just dandy :D Thanks a lot!
Hannes almost 9 years

thanks for your awnser, although i am not able to verify it since the application in question is no longer maintained