The library relies on the php.ini settings.
Every session ini directive can be reset in the
configuration object.
Refer to php.ini session directives:
http://php.net/manual/en/session.security.ini.php
The session is started automatically by using one of the 2 methods:
[
'session' => [
// your ini "session." overwrites, without "session." prefix
]
]include this middleware class in your middleware stack
// your middleware stack
$middleware = [
SessionMiddleware::class
];session()->get('key');
session()->set('key', 'value');
// etc.The session class can be instantiated and used, but function session()
is much preferred instead an instance of Session class.
The bare minimum is to define the handler you want to use for the session:
// in your configuration file
[
'session' => [
'save_handler' => 'redis | memcache'
]
]If you do not choose one of the Redis or Memcached, it defaults to files
handler which is the PHP's default session mechanism.
However, the files handler might not be a desirable if your application
runs in Docker, Kubernetes or otherwise horizontal scaled setup,
distributed environment, etc.
The best choice is Redis in almost all situations.
WARNING: Memcached may drop the session data, because it's nature. Use it with caution!
[
'session' => [
'save_handler' => 'redis'
// OPTIONAL:
// these are the defaults
'prefix' => 'sess:',
'host' => 'localhost',
'port' => 6379,
'timeout' => 0.0,
'retry' => 0,
'db' => 0,
'serializer' => 'php', // or "json"
'binary' => false, // TRUE for igbinary
]
]A typical Redis settings:
- 1 server
- application
- Redis (localhost:6379)
- no auth (Redis is not available from outside)
[
'session' => [
'save_handler' => 'redis',
'name' => 'session-name',
'prefix' => 'sess:',
// isolate the session data in other db
'db' => 1
]
]To support huge volumes you need a good sysadmin skills and wast knowledge to set the Redis server(s).
[
'session' => [
'save_handler' => 'memcached',
// OPTIONAL:
// If you have multi memcached servers,
// defaults to ['127.0.0.1', 11211]
'servers' => [
['127.0.0.1', 11211],
['127.0.0.1', 11212],
['127.0.0.2']
...
],
// the options are optional
'options' => [
...
]
]
]A typical Memcached settings:
- 1 server
- application
- Memcached (localhost:11211)
[
'session' => [
'save_handler' => 'memcached',
'name' => 'session-name',
'prefix' => 'sess.'
]
]To support huge amount of sessions you need a decent amounts of RAM on your server(s). But Memcached is a master technology for this, so you should be fine.
This one is not recommended for any serious business. It's fine only for small projects.
All session directives are defined in php.ini.
[
'session' => [
// OPTIONAL:
// the path where to store the session data,
// defaults to "session_save_path()"
'save_path' => '/var/www/sessions',
'serialize_handler' => 'php'
]
]A typical native PHP session settings:
[
'session' => [
// really nothing,
// skip this section in your configuration
]
]You cannot use this handler if you've scaled your application, because the session data will be handled on different instance for every HTTP request.