setting and extending Session Lifetime using Zend_Auth
10,130
Solution 1
Authentication state is stored in the registered Auth Storage. By default this is Zend_Session
. You can set an expiration time to the Zend_Auth
namespace, e.g.
$namespace = new Zend_Session_Namespace('Zend_Auth');
$namespace->setExpirationSeconds(300);
You can also globally configure Zend_Session
via
Zend_Session::setOptions(array(
'cookie_lifetime' => 300,
'gc_maxlifetime' => 300));
Solution 2
If you are using different namespace for zend_auth session you can do it like this:
$auth = Zend_Auth::getInstance ();
$auth->setStorage ( new Zend_Auth_Storage_Session ( 'user' ) );
$namespace = new Zend_Session_Namespace('user');
$namespace->setExpirationSeconds(7200); // 2 hours
Comments
-
Hannes almost 2 years
i use Zend_Auth for one of my Projects, but so far haven't figured out how to set the Lifetime for the Session, or how to extend it (lets say it should run 5 minutes and should reset to that when the user makes an action), here is my Initialization code:
$authAdapter = new Zend_Auth_Adapter_DbTable($this->_model->pdo); $authAdapter->setTableName('normal_folks') ->setIdentityColumn('username') ->setCredentialColumn('password'); $post = $this->_request->getPost(); $authAdapter->setIdentity($post['username']) ->setCredential($post['password']); $auth = Zend_Auth::getInstance(); $result = $auth->authenticate($authAdapter); if($result->isValid()) { $userInfo = $authAdapter->getResultRowObject(null, 'password'); $authStorage = $auth->getStorage(); $authStorage->write($userInfo); if(strlen($post['refferer']) > 1){ header("Location: ".$post['refferer']); }elseif(strlen($this->_request->getParam('ref_action')) > 1){ Zend_Controller_Action::_forward($this->_request->getParam('ref_action'),"admin",null,null); }else{ Zend_Controller_Action::_forward("index","admin",null,null); } }
Ant this how i check if the user is logged in:
if(Zend_Auth::getInstance()->hasIdentity()){ echo "Woho!"; }else{ die("invalid-identity"); }
Its probably right there in front of me but I just can't figure it out, help? Please? Pretty Please? :D
-
Hannes over 13 yearsAlso any how i can "refresh" that lifetime in Case of an Action?
-
Gordon over 13 years@Hannes I think the expiration time will refresh with each request automatically, so simply updating the page will give you another 300 seconds then.
-
Hannes over 13 yearsbtw. small typo there ;)
$namespace = new Zend_Session_Namespace('Zend_Auth');
And yes you are right, it does reset every time its called, for whatever reason your second solution did not work (put it int the init() ) - but the first one works just dandy :D Thanks a lot! -
Hannes almost 9 yearsthanks for your awnser, although i am not able to verify it since the application in question is no longer maintained