Search code examples
phpzend-frameworksessionzend-authlifetime

setting and extending Session Lifetime using Zend_Auth


i use Zend_Auth for one of my Projects, but so far haven't figured out how to set the Lifetime for the Session, or how to extend it (lets say it should run 5 minutes and should reset to that when the user makes an action), here is my Initialization code:

        $authAdapter = new Zend_Auth_Adapter_DbTable($this->_model->pdo);
        $authAdapter->setTableName('normal_folks')
           ->setIdentityColumn('username')
           ->setCredentialColumn('password');

        $post = $this->_request->getPost();

        $authAdapter->setIdentity($post['username'])
            ->setCredential($post['password']);
        $auth = Zend_Auth::getInstance();
        $result = $auth->authenticate($authAdapter);

        if($result->isValid())
        {
            $userInfo = $authAdapter->getResultRowObject(null, 'password');
            $authStorage = $auth->getStorage();
            $authStorage->write($userInfo);

            if(strlen($post['refferer']) > 1){
                header("Location: ".$post['refferer']);
            }elseif(strlen($this->_request->getParam('ref_action')) > 1){
                Zend_Controller_Action::_forward($this->_request->getParam('ref_action'),"admin",null,null);
            }else{
                Zend_Controller_Action::_forward("index","admin",null,null);
            }
        }

Ant this how i check if the user is logged in:

                if(Zend_Auth::getInstance()->hasIdentity()){
                    echo "Woho!";
                }else{
                    die("invalid-identity");
                }

Its probably right there in front of me but I just can't figure it out, help? Please? Pretty Please? :D


Solution

  • Authentication state is stored in the registered Auth Storage. By default this is Zend_Session. You can set an expiration time to the Zend_Auth namespace, e.g.

    $namespace = new Zend_Session_Namespace('Zend_Auth');
    $namespace->setExpirationSeconds(300);
    

    You can also globally configure Zend_Session via

    Zend_Session::setOptions(array(
        'cookie_lifetime' => 300,
        'gc_maxlifetime'  => 300));