Session lifetime

There's no "forever" option but you can set it for 20 years or so...

config/session.php

How?

    /*
    |--------------------------------------------------------------------------
    | Session Lifetime
    |--------------------------------------------------------------------------
    |
    | Here you may specify the number of minutes that you wish the session
    | to be allowed to remain idle before it expires. If you want them
    | to immediately expire on the browser closing, set that option.
    |
    */

    'lifetime' => 120,

Change the 120

Jesus.

Why jesus?

Change the number to 20, that will then mean 20 years. :-)

You opened a thread with "session lifetime", I gave you the file config/session.php and you didn't even look in it to find the 'lifetime' array item.

I found maestro but the lifetime can be set in minutes format only, I thought how set in another format ....

You can only set it in minutes, but it's just a basic PHP array, if you really wanted to then you could just do the basic math in it if you wanted a longer time.

Like to get an hour, multiply it by 60, to get a day multiply the hours by 24, and to get a year multiply the days by 365.

'lifetime' => 1 * (60 * 24 * 365), // 1 year

But realistically there's no point and you won't be changing this again so it'd be fine to just put the final result in the config file and leave a comment next to it to note how much the number of minutes equates to.

Wow :/

1. Why bother calculating it
2. It's a lot easier to read and work out how long it's set for in that format unless it hits a frequently used number (day, week, year etc)

:-)

Another way could be to use the "remember me" functionality: "which will keep the user authenticated indefinitely, or until they manually logout." https://laravel.com/docs/5.5/authentication#remembering-users

@vandyczech I believe the "Jesus" was because @Snapey gave you the answer on a plate :)

The provided Laravel config. file literally states:

Here you may specify the number of minutes that you wish the session
to be allowed to remain idle before it expires. If you want them
to immediately expire on the browser closing, set that option.

Not sure how it can be any clearer than that?

@Robstar Think you tagged wrong person :P I've given up helping questions like this because it always ends the same.

Ah apologies :)

I was wondering about something, I want to do something to logout user after closing the window, but all I do I hit a dead end and it doesn't work. I set lifetime to 1 and expire_on_close to true but still nothing, the user stays logged in forever

@BASHY - doesnt work:

'lifetime' => env('SESSION_LIFETIME' , 1),

iam trying to test so i can then try and redirect the user back to login page after 1 minute .. any ideas why this doesnt work?

Do you happen to have SESSION_LIFETIME set in your .env? If so, it's using that. The 2nd parameter for env() is a default value to use if it isn't explicitly set in .env.

@BASHY - Not sure why but session.php does nothing for me. I had to change the lifetime value in my .env file for the timer to take effect.

another 2 hours wasted .

and now a few more hours working out how to redirect timed out user to the login page ! thought this stuff was out the box?

You'll waste a lot more than 2 hours if you don't read the user guide cover to cover. This was covered in there, particularly in the configuration section where it discusses the DotEnv library and how it's used. https://laravel.com/docs/5.8/configuration

Your car probably does things you aren't aware of as well, if you haven't read the manual.

ha, 'check the docs... ' thx for the advice cronix. i have a rare form of doc blindness . I see the words but they dont make sense. (maybe i shouldnt code) For this reason rather then the car analogy, its more like reading a phone book in the hope i may need to ring one of the numbers one day.

i've sorted the .env file part out now anyway.

Where in the docs is the part about sending the user back to the login page once the session times out i.e. when user is inactive for 120 mins ?

Have laravel ever thought about setting up a phone help line? i'd pay for that. :)

@babonday Thanks for 2 year old post tag.

@babonday

Where in the docs is the part about sending the user back to the login page once the session times out i.e. when user is inactive for 120 mins ?

what a dumb question.

The rule is, if you wrap a route in middleware that says you must be logged in to access this page, then, when you have no session ... say for instance if your session times out... then the middleware will direct you to the login page. Its not because its been 120 minutes. Its because you have no session and tried to access a page that is only for authorised users.

If you cannot bear to read the manual, there is LOADS of video training out there for Laravel - probably more than any other framework - including on this site.

damn this thread haha

I was here just to learn how to change expiration date on an active session through api requests (to avoid logging out a user that had accessed app only through api, which would make session to be idle for more than expiration time although the user has been active). But this thread is much more interesting.