Remembering Authenticated Sessions With Zend Framework

After setting up your session management in your application using one of the Zend_Auth adapters you might want to allow users to stay logged in. What you need to do is set some configuration options in the Zend_Session object. Zend_Auth uses Zend_Session as an object orientated way of manipulating the $_SESSION variable. Any changes you make to the Zend_Session object will affect the Zend_Auth object, as long as you set these options before the sessions are started.

There are a number of configuration options available, but for the effect I was looking for I only needed to change the ones below. You might not need to set all of these, but it gave me the best cross browser behaviour.

[live]
sessions.name = SESS_NAME
sessions.strict = off
sessions.use_only_cookies = on
sessions.cookie_lifetime = 12345678
sessions.remember_me_seconds = 12345678
sessions.gc_maxlifetime = 12345678
12345678 is the number of seconds, which is about 6 months.

You can load these configuration options into your session using the following code.

// load the config file
$configuration = new Zend_Config_Ini('config.ini', 'live');
// load the config file into the session options.
Zend_Session::setOptions($configuration->sessions->toArray());

Put this in your bootstrap file so that it is loaded before your Zend_Auth call. You should now find that your users are able to close down the browser and reopen it with the session intact.

Comments

Zend_Session::rememberMe() doesn't work ??
Permalink

Add new comment

The content of this field is kept private and will not be shown publicly.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
6 + 6 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.