New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Session doesn't refresh correctly #4239
Comments
Do you have an idea how to fix that? When I tested this feature I remember the time was refreshed on every page load |
Only entry Config.time is refreshed, unfortunately cookie expiration time doesn't. May application should set cookie expiration to some much bigger value than Session.timeout. Method _timedOut() anyhow keeps seesion fresh / outdated. |
php is responsible for refreshing the cookie, not cake. And, yes... you need to set timeout to a value bigger than your cookie timeout if you want this to happen. |
I think what we can do is not set the cookie timeout to the same as the session timeout |
Exactly, it should be way way higher then the session timeout. I recommend many days here. |
closing as there is a pull request to fix this |
On first use of session, it's create cookie CAKEPHP with lifetime defined in app.php -> Session['timeout'], and store current time in method _timedOut():
$this->write('Config.time', time())
.In next request, method _timedOut() checks interval between now and last request, and if this time is shorter than defined in Session['timeout'], then new timestamp is stored in 'Config.time', and session is alive.
But updating time Session['timeout'] works fine for moment when cookie CAKEPHP is expired. After that all session is destroyed. No matter how often page is refreshed in this time. I think session should live as long, as I refreshing page. Since Config.time is updated, then time expiration of cookie also should be updated (or write new with old data and new expiration).
The text was updated successfully, but these errors were encountered: