php - Laravel 5 Session Lifetime

Question

According to Laravel config/session.php

/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/

'lifetime' => 120,
'expire_on_close' => true,
'expired-session-redirect' => url(env('APP_URL'))

I have set the lifetime of my session to 120 minutes, but I have a feeling that my user is log-out way before 120 minutes.

Is that a typo ? Do they mean 120 seconds which is 2 mins ?

Can anyone please shed some lights on this ?

Answer 1

Check your php.ini for:

session.gc_maxlifetime - Default 1440 secs - 24 mins

session.gc_maxlifetime specifies the number of seconds after which data will be seen as 'garbage' and potentially cleaned up. Garbage collection may occur during session start (depending on session.gc_probability and session.gc_divisor).

session.cookie_lifetime - Default 0

session.cookie_lifetime specifies the lifetime of the cookie in seconds which is sent to the browser. The value 0 means "until the browser is closed." Defaults to 0. See also session_get_cookie_params() and session_set_cookie_params().

In case it is less time than the Laravel configuration, the cookie will be removed because the local php.ini have preference over Laravel configuration.

You can just increase it or comment/delete.

In case is not solved something on your App is destroying the session.

UPDATE

After release v5.5.22 session lifetime is loaded from .env and is not hardcoded anymore at config/session.php, changes there.

Now you can modify the session lifetime using:

SESSION_LIFETIME=

In your .env file.