Sessions

Session management is essential for many web applications, allowing you to store user information between different requests. In this guide, you will learn how to configure and use sessions in Lithe efficiently.

Configuring Session Middleware

To use sessions in Lithe, you need to configure a middleware responsible for managing sessions. This middleware initializes the session and makes it available across all requests. To configure the session middleware, add it to your Lithe application instance using the use() method:

use Lithe\Middleware\Session\session;

$app->use(session());

This configuration initializes the session with the default settings defined in the middleware.


Using Sessions

After configuring the middleware, you can access and manipulate session variables in any route or controller.

Setting Session Variables

To set session variables, use the put() method:

$req->session->put('user_name', 'John Doe');

Alternatively, you can set variables directly using magic methods:

$req->session->user_name = 'John Doe';

Getting Session Variables

To get the value of a session variable, use the get() method:

$userName = $req->session->get('user_name');

Or you can get variables directly with magic methods:

$userName = $req->session->user_name;

Default Values

To ensure a session variable has a default value if it is not set, pass the default value as the second argument to the get() method:

$userName = $req->session->get('user_name', 'Guest');

Or use the null coalescing operator (??) with magic methods:

$userName = $req->session->user_name ?? 'Guest';

Removing Session Variables

To remove a specific variable, use the forget() method:

$req->session->forget('user_id');

To remove multiple variables at once, pass an array with the variable names:

$req->session->forget(['user_name', 'last_login']);

To completely destroy the session and remove all variables, use the destroy() method:

$req->session->destroy();

Checking for Session Variables

To check if a session variable exists, use the has() method:

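$app->get('/check-session', function ($req, $res) {
    if ($req->session->has('user_id')) {
        return $res->send('The "user_id" variable exists in the session.');
    }

    // Respond in the negative case as well, so the route always answers.
    return $res->send('The "user_id" variable is not set in the session.');
});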

The has() method also supports checking for multiple session variables at once:

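$app->get('/check-multiple-sessions', function ($req, $res) {
    if ($req->session->has(['user_name', 'last_login'])) {
        return $res->send('All session variables exist.');
    }

    // Respond in the negative case as well, so the route always answers.
    return $res->send('At least one session variable is missing.');
});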

Advanced Settings

You can customize session settings by passing an array of options to the session() middleware. Available options include:

  • lifetime: The lifetime of the session in seconds. Defines how long the session will remain active.
  • domain: The domain for the session cookie. Defines the domains for which the session cookie is valid.
  • secure: Defines whether the cookie should only be sent over HTTPS connections. When true, the cookie will only be transmitted over HTTPS.
  • httponly: Indicates whether the cookie is restricted to HTTP requests and hidden from client-side scripts. When true, the cookie cannot be accessed via JavaScript.
  • samesite: Configures the SameSite attribute of the session cookie. Can be strict, lax, or none.

Example of advanced configuration:

$app->use(session([
    'lifetime' => 3600, // 1 hour
    'secure' => true, // HTTPS only
    'httponly' => true, // Not accessible from JavaScript
]));

These settings help ensure the security and functionality of sessions in your application, allowing for more efficient and customized session management.
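
To catch weak combinations of the options listed above before they reach session(), the following added example (not code from the Lithe project) audits an options array and reports findings. The function name auditSessionOptions, the one-day lifetime ceiling and both sample configurations are assumptions made for illustration.

```php
<?php
// Added example, not Lithe code. Option names come from the list above;
// the one-day lifetime ceiling is an assumed policy value.
function auditSessionOptions(array $opts, int $maxLifetime = 86400): array
{
    $findings = [];
    // The page does not state the middleware defaults, so ask for the
    // security-relevant options to be set explicitly.
    foreach (['lifetime', 'secure', 'httponly', 'samesite'] as $key) {
        if (!array_key_exists($key, $opts)) {
            $findings[] = "$key: not set, the middleware default applies";
        }
    }
    if (($opts['secure'] ?? null) === false) {
        $findings[] = 'secure: false, cookie is also sent over plain HTTP';
    }
    if (($opts['httponly'] ?? null) === false) {
        $findings[] = 'httponly: false, cookie is readable from JavaScript';
    }
    if (array_key_exists('samesite', $opts)) {
        $mode = is_string($opts['samesite']) ? strtolower($opts['samesite']) : '';
        if (!in_array($mode, ['strict', 'lax', 'none'], true)) {
            $findings[] = 'samesite: must be strict, lax, or none';
        } elseif ($mode === 'none' && ($opts['secure'] ?? false) !== true) {
            // Current browsers reject SameSite=None cookies that are not Secure.
            $findings[] = 'samesite: none needs secure => true';
        }
    }
    if (array_key_exists('lifetime', $opts)) {
        $ttl = $opts['lifetime'];
        if (!is_int($ttl) || $ttl < 1 || $ttl > $maxLifetime) {
            $findings[] = "lifetime: expected an integer from 1 to $maxLifetime";
        }
    }
    if (!empty($opts['domain']) && is_string($opts['domain'])) {
        // A Domain attribute widens the cookie to every subdomain.
        $findings[] = "domain: cookie is shared with subdomains of {$opts['domain']}";
    }
    return $findings;
}

// Constructed sample configurations.
$weak = ['lifetime' => 2592000, 'secure' => false, 'samesite' => 'none', 'domain' => 'example.com'];
$hardened = ['lifetime' => 3600, 'secure' => true, 'httponly' => true, 'samesite' => 'lax'];

foreach (['weak' => $weak, 'hardened' => $hardened] as $name => $opts) {
    $findings = auditSessionOptions($opts);
    echo $name, ': ', $findings ? implode('; ', $findings) : 'no findings', PHP_EOL;
}
```

An options array that produces no findings can then be passed to session() as shown in the advanced configuration example.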