After setting up your session management in your application using one of the Zend_Auth adapters you might want to allow users to stay logged in. What you need to do is set some configuration options in the Zend_Session object. Zend_Auth uses Zend_Session as an object orientated way of manipulating the $_SESSION variable. Any changes you make to the Zend_Session object will affect the Zend_Auth object, as long as you set these options before the sessions are started.
There are a number of configuration options available, but for the effect I was looking for I only needed to change the ones below. You might not need to set all of these, but it gave me the best cross browser behaviour.
- sessions.name = SESS_NAME
- sessions.strict = off
- sessions.use_only_cookies = on
- sessions.cookie_lifetime = 12345678
- sessions.remember_me_seconds = 12345678
- sessions.gc_maxlifetime = 12345678
You can load these configuration options into your session using the following code.
- // load the config file
- $configuration = new Zend_Config_Ini('config.ini', 'live');
- // load the config file into the session options.
Put this in your bootstrap file so that it is loaded before your Zend_Auth call. You should now find that your users are able to close down the browser and reopen it with the session intact.