phpgt / session
Encapsulated user sessions.
Maintainers
Fund package maintenance!
Requires
- php: >=8.2
- phpgt/typesafegetter: ^1.3
Requires (Dev)
- phpmd/phpmd: ^2.13
- phpstan/phpstan: ^2.1
- phpunit/phpunit: ^10.1
- squizlabs/php_codesniffer: ^3.7
- dev-master
- v1.2.5
- v1.2.4
- v1.2.3
- v1.2.2
- v1.2.1
- v1.2.0
- v1.1.5
- v1.1.4
- v1.1.3
- v1.1.2
- v1.1.1
- v1.1.0
- v1.0.0
- v0.2.3
- v0.2.2
- v0.2.1
- v0.2.0
- v0.1.0
- v0.0.3
- v0.0.2
- v0.0.1
- dev-272-redis
- dev-57-get-store-create-namespace
- dev-dependabot/composer/phpunit/phpunit-10.5.62
- dev-graceful-check-for-started-sessions
- dev-dependabot/composer/phpstan/phpstan-0.12.85
- dev-30-remove-store
- dev-6-dot-notation
- dev-8-session-store
- dev-4-write-delete
This package is auto-updated.
Last update: 2026-03-14 16:30:58 UTC
README
This library is a simple object oriented alternative to the $_SESSION superglobal allowing application code to be passed encapsulated SessionStore objects, so areas of code can have access to their own Session area without having full read-write access to all session variables.
Sessions are addressed using dot notation, allowing for handling categories of session data. This is particularly useful when dealing with user authentication, for example.
Example usage: Welcome a user by their first name or log out the user
if($session->contains("auth")) { // Remove the *whole* auth section of the session on logout. if($action === "logout") { $session->delete("auth"); } else { // Output a variable within the auth namespace: $message = "Welcome back, " . $session->getString("auth.user.name"); } } else { // Pass the "auth" store to a class, so it // can't read/write to other session variables: AuthenticationSystem::beginLogin($session->getStore("auth")); }
Redis session storage
This package now includes Gt\Session\RedisHandler for shared session storage.
It works with Redis-compatible backends such as Redis and Valkey, and is intended
for deployments where application nodes are disposable and session state needs to
survive traffic moving between servers.
RedisHandler expects save_path to be a DSN rather than a filesystem path.
It uses the phpredis extension at runtime.
Example production config:
[session] handler=Gt\Session\RedisHandler save_path=rediss://default:secret@example-redis.internal:25061/0?prefix=GT:&ttl=1440 name=GT use_cookies=true
Supported DSN forms:
redis://host:6379redis://:password@host:6379/0redis://username:password@host:6379/0rediss://username:password@host:6379/0
Useful query parameters:
prefix: key prefix for stored sessions, defaults to<session-name>:ttl: session lifetime in seconds, defaults tosession.gc_maxlifetimetimeout: connection timeout in secondsread_timeout: socket read timeout in secondspersistent=1: enable persistent connectionspersistent_id: optional persistent connection pool idverify_peer=0/verify_peer_name=0: optional TLS verification flags
Proudly sponsored by
JetBrains Open Source sponsorship program