aloframework / session
Redis or MySQL-based session management
Requires
- php: >=5.5
- aloframework/common: ^2.0
- aloframework/config: ^2.0
- aloframework/log: ^3.0
Requires (Dev)
- aloframework/handlers: ^3.0
- symfony/var-dumper: ^2.7 || ^3.0
This package is not auto-updated.
Last update: 2024-10-26 18:54:41 UTC
README
MySQL & Redis-based session management
Latest release API documentation: https://aloframework.github.io/session/
Installation
Installation is available via Composer:
composer require aloframework/session
Additional steps for MySQL
MySQL-based sessions require an additional step which is described in setup/MySQL.md.
Usage
All sessions use the same interface (bar the constructor), in this example Redis will be used.
<?php use AloFramework\Session\RedisSession; //Make our Redis connection $redis = new Redis(); $redis->connect('127.0.0.1'); //Start our session. The redis parameter can be omitted, in which case the code above will be run automatically // within the class $sess = (new RedisSession($redis))->start(); //That's it - you can now use the handler just like you would use a regular PHP session. $_SESSION['foo'] = 'bar'; unset($_SESSION['qux']); echo $_SESSION['baz']; //Additionally, you can work directly with the RedisSession object via the ArrayAccess interface and magic // getter+setter: $sess->foo = 'bar'; $sess['foo'] = 'bar'; unset($sess['foo']); echo $sess->foo; echo $_SESSION['foo'];
Logging
An instance of \Psr\Log\LoggerInterface
should be passed on to the constructor to make use of basic logging (almost everything is debug-level). If one isn't passed on, an instance of \AloFramework\Log\Log
will be created with default parameters.
Configuration
Configuration is done via the Configuration class.
Config::CFG_TIMEOUT
- session lifetime in seconds (defaults to 300)Config::CFG_COOKIE_NAME
- how the session cookie will be named (defaults to AloSession)Config::CFG_FINGERPRINT_NAME
- the session key which will hold the session-hijacking prevention fingerprint. You cannot set any session keys with the same name as that would invalidate the session. Defaults to _fp_.Config::CFG_PREFIX
- how to prefix session keys if using cache-based handlers. Defaults to _alo_sess_.Config::CFG_SESSION_ID_ALGO
- hashing algorithm to use for session IDs. Defaults to sha512.Config::CFG_TABLE
- table to use if using MySQL-based handlers. Defaults to alo_session.Config::CFG_SECURE
- if set to true, the session cookie will only be sent via HTTPS connections (defaults totrue
).Config::CFG_GC
- garbage collection probability. If set to 100 (default) there is a 1/100 (i.e. 1% chance) that a garbage collection event will occur on session start. This is only used withMySQLNoEventSession
.Config::CFG_SAVE_CLI
- whether to save/write session data in CLI mode (default: false)Config::CFG_TOKEN
- The session key to identify token data. You must not set any session values using this key as that would invalidate the tokens. Defaults to _tk_.