Remembering Authenticated Sessions With Zend Framework

After setting up your session management in your application using one of the Zend_Auth adapters you might want to allow users to stay logged in. What you need to do is set some configuration options in the Zend_Session object. Zend_Auth uses Zend_Session as an object orientated way of manipulating the $_SESSION variable. Any changes you make to the Zend_Session object will affect the Zend_Auth object, as long as you set these options before the sessions are started.

There are a number of configuration options available, but for the effect I was looking for I only needed to change the ones below. You might not need to set all of these, but it gave me the best cross browser behaviour.

[live]
sessions.name = SESS_NAME
sessions.strict = off
sessions.use_only_cookies = on
sessions.cookie_lifetime = 12345678
sessions.remember_me_seconds = 12345678
sessions.gc_maxlifetime = 12345678
12345678 is the number of seconds, which is about 6 months.

You can load these configuration options into your session using the following code.

// load the config file
$configuration = new Zend_Config_Ini('config.ini', 'live');
// load the config file into the session options.
Zend_Session::setOptions($configuration->sessions->toArray());

Put this in your bootstrap file so that it is loaded before your Zend_Auth call. You should now find that your users are able to close down the browser and reopen it with the session intact.

Comments

Zend_Session::rememberMe() doesn't work ??
Permalink

Add new comment

The content of this field is kept private and will not be shown publicly.
CAPTCHA
4 + 0 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.