Configuring the Session TTL

Edit this page

Configuring the Session TTL

Symfony by default will use PHP's ini setting session.gc_maxlifetime as session lifetime. However if you store sessions in a database you can also configure your own TTL in the framework configuration or even at runtime.

Changing the ini setting is not possible once the session is started so if you want to use a different TTL depending on which user is logged in, you really need to do it at runtime using the callback method below.

Configuring the TTL

You need to pass the TTL in the options array of the session handler you are using:

  • YAML
  • XML
  • PHP
1
2
3
4
5
6
7
# config/services.yaml
services:
    # ...
    Symfony\Component\HttpFoundation\Session\Storage\Handler\RedisSessionHandler:
        arguments:
            - '@Redis'
            - { 'ttl': 600 }

Configuring the TTL dynamically at runtime

If you would like to have a different TTL for different users or sessions for whatever reason, this is also possible by passing a callback as the TTL value. The callback then has to return an integer which will be used as TTL.

The callback will be called right before the session is written.

  • YAML
  • XML
  • PHP
1
2
3
4
5
6
7
8
9
10
11
12
13
# config/services.yaml
services:
    # ...
    Symfony\Component\HttpFoundation\Session\Storage\Handler\RedisSessionHandler:
        arguments:
            - '@Redis'
            - { 'ttl': !closure '@my.ttl.handler' }
     
    my.ttl.handler:
        class: Some\InvokableClass # some class with an __invoke() method
        arguments:
            # Inject whatever dependencies you need to be able to resolve a TTL for the current session
            - '@security'
This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.