Home >PHP Framework >Laravel >Detailed explanation of session expiration time in laravel
The following tutorial column from Laravel will introduce you to the session expiration time in laravel. I hope it will be helpful to friends in need!
In the process of project development, the front-end and back-end separation need to use session to save the user’s login information
This involves the validity period of the session
Session is divided into session validity period in php and session validity period in laravel
Their default validity period is
View session.gc_maxlifetime in php.ini
The default is 1440 seconds, which is almost 24 minutes
And laravel's session validity period is in config/session.php
'lifetime' => 120, 'expire_on_close' => false,
If 'expire_on_close' is set to If false, 'lifetime' is valid. If 'expire_on_close' is set to true, 'lifetime' is invalid.
About the specific use of laravel's session
Learning source: https://www.chenyudong .com/archives/laravel-session-use.html
Official document address: http://laravelacademy.org/post/7954.html
Use Laravel to develop applications and convert the original Copy the code. The previous code session used $_SESSION
. I thought it would run well after transplanting it because it did not rely on other components. As a result, this
Undefined variable appeared: _SESSION
Laravel's session configuration file is configured in app/config/session.php
. When using it, you can take a look at the option settings and comments available in the session configuration file.
Laravel uses file
by default to implement session. She does not use PHP's native $_SESSION (php's native session depends on the location of php.ini), so it ignores PHP-related session functions, such as session_start()
, $_SESSION
. During the running process, Laravel will write session information in the app/storage/session/
directory, so this directory needs to have write permission, otherwise the session will not be written successfully.
In addition to using the default file as the session implementation, Laravel also supports cookie
, Memcached
, Redis
and database
The back-end driver serves as the implementation of session. When necessary, you need to implement a session implementation yourself, such as in the interaction between WeChat public accounts and users. The session cannot be used directly, because the WeChat server makes the request every time, and the user cannot be identified by the source of the request.
Session's API is relatively simple. You can probably know what it means by looking at the Chinese documentation. But there are a few that are not easy to understand.
//session的永久保存(在不过期范围内) Session::put('key', 'value'); //等同于PHP的原生session $_SESSION['key'] = 'value'; //get操作 $value = Session::get('key', 'default'); //去除操作并删除,类似pop概念 $value = Session::pull('key', 'default'); //检测是否存在key Session::has('users'); //删除key Session::forget('key');
As long as the session does not expire, this correspondence is basically saved permanently and will exist for the next http request. Different from the following flash concept.
But Laravel came up with the concept of flash flash
, which confused me all of a sudden. This flash is valid for two requests (this time and the next request are valid), regardless of how many times this request is performed.
//保存key,value Session::flash('key', 'value'); //取值方法还是一样的 Session::get('key'); //刷新快闪数据时间,保持到下次请求 Session::keep(array('username', 'email'));
The concept of this flash
is different from the concept of put
above.
That is to say, the next request will be destroyed when it is used up. It will not make the session value become larger and larger, and some temporary data can be saved.
Usage scenarios for this situation include:
I naively thought that Session::put# was used ##The function can save this variable. So my code is written like this:
class LoginController { public function login(){ Session::put('key','value'); print_r( Session::all() ); //取出来看看是否put成功 exit; //习惯性的调试都exit,不执行后续代码 //return Redirect::to(/); 框架在return后还会有后续的代码执行的 } }As a result, the next request cannot find this Session, and looking at the
app/storage/session directory, no file is generated. Something feels wrong.
Session::save(), so I also used it and found that the session file was successfully generated. So I felt that Laravel does not use PHP's native session, so it should do something after the controller to write the session to the file, instead of writing every
put operation, which will cause IO operations Too frequent will affect performance.
bootstrap/compiled.php
class Middleware implements HttpKernelInterface { ... public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQUEST, $catch = true) { $this->checkRequestForArraySessions($request); if ($this->sessionConfigured()) { $session = $this->startSession($request); // 启动session $request->setSession($session); } $response = $this->app->handle($request, $type, $catch); // 调用controller的method if ($this->sessionConfigured()) { $this->closeSession($session); //关闭session $this->addCookieToResponse($response, $session); } return $response; } ... protected function closeSession(SessionInterface $session) { $session->save(); // 保存session $this->collectGarbage($session); } }
小提示:如果不知道函数调用情况,可以在controller中throw new Exception();
,然后在/config/app.php
的debug更改为debug=>true
。可以看到函数的调用关系。
可以看见,在调用完controller之后,调用了session->save()
的方法,来主动的保存session。这样session才能落地保存起来,如果在controller或者view里面写了exit;
,那么session是不会被保存的,除非主动的写Session::save()
才能手工的保存起来。因此在debug调试的时候千万要注意啊。
The above is the detailed content of Detailed explanation of session expiration time in laravel. For more information, please follow other related articles on the PHP Chinese website!