如何延长Symfony2中每个请求的remember_me cookie? [英] How to prolong the remember_me cookie on each request in Symfony2?

问题描述

我使用标准的 remember_me symfony 功能，但它会在配置中设置的每个时间段过期.例如.我将 lifetime 设置为 1800.不管我做什么，它都会在上次登录后 0.5 小时后将我注销.而且我希望它仅在 0.5 小时不活动后将我注销.

I use standard remember_me symfony feature, but it expires every period of time, set in config. E.g. I have lifetime set to 1800. Disregarding of what I do, it logs me off after 0.5 hours after last login. And I want it logs me off only after 0.5 hours of inactivity.

每个请求都应该延长记住我的cookie.

Every request should prolong remember me cookie.

这可以仅通过配置来完成，还是我应该弄乱内核事件并手动破解?

Could this be done with just config or should I mess with kernel events and hack that manually?

推荐答案

确实有一种方法可以仅通过配置设置来实现，但仅限于 Symfony 2.1.要走的路是使用集成在 PHP 中的会话垃圾收集.在这里你可以如何实现它.

There is indeed a way to do it only with configuration settings, but only in Symfony 2.1. The way to go is to use the garbage collection of sessions integrated within PHP. Here how you can achieve it.

在您的 config.yml 文件中，设置以下变量:

In your config.yml file, set the variables below:

framework:
  session:
    cookie_lifetime: 86400 # One day, cookie lifetime
    gc_maxlifetime: 1800 # 30 minutes, session lifetime
    gc_probability: 5
    gc_divisor: 100

使用此配置，发送到浏览器的 cookie 将在一整天内有效.但是，会议将持续 30 分钟.由于每次请求都会保存会话，因此每次请求后都会重新启动"生命周期.因此，每次请求都会延长会话.

With this configuration, the cookie sent to the browser will be valid for one full day. However, the session will last 30 minutes. Since sessions are saved on every request, the lifetime will be "restarted" after each request. So, the session will be prolonged on each request.

然后是垃圾收集部分.这可能是有问题的"，具体取决于您想要的精确程度.属性 gc_probability 和 gc_divisor 控制垃圾收集运行的频率.这些数字意味着每次会话初始化时，GC 将以 5%(5/100，gc_probability/gc_divisor)的概率运行.

Then, comes the garbage collection part. And this can be "problematic" depending on how precise you want to be. The properties gc_probability and gc_divisor controls how often garbage collection will run. Those numbers mean that GC will be run with a probability of 5% (5/100, gc_probability/gc_divisor) on each session initialization.

这意味着当 GC 运行时，它将删除过期的会话.但是，由于这是一个概率特征，您无法完全控制它.某些会话在您指定的生命周期后仍可访问，因为 GC 尚未运行.

This means that when GC will run, it will remove expired sessions. However, since this is a probabilistic feature, you do not have full control over it. Some sessions could still be accessed after the lifetime you specified, because the GC has not run yet.

如果这对您来说是个问题，那么您需要对每个请求都有一个侦听器并检查会话是否仍然有效.如果您想在会话过期时向用户显示一条消息，因为还没有会话过期事件，您也需要这样做.

If this is a problem for you, then you need a listener on each request and check that the session is still valid. You also need to do this if you want to display a message to the user when is session has expired since there is no session expired event yet.

不要忘记，我的回答仅在 Symfony 2.1 中有效.在 2.0 上，您还需要一个请求侦听器来验证会话生命周期值.

Do not forget, my answer will be valid only in Symfony 2.1. On 2.0, you will also need a request listener to validate the session lifetime value.

这里有一些关于会话空闲时间的链接:

Here some links about session idle times:

1. PR 上介绍保持活动会话的链接:PR-2171
2. 会话文档:此处
3. 会话 gc 上的 PHP 站点:此处

希望对你有帮助.

问候，马特

这篇关于如何延长Symfony2中每个请求的remember_me cookie?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！