Session

The session middleware in Lithe manages user session configuration and control.

Installing the Session Middleware

To install the Session middleware, use Composer:

composer require lithemod/session

You can find more information and the source code for the module at github.com/lithemod/session.

Using the Session Middleware

Lithe includes a session middleware to manage user sessions and their variables. To configure the middleware in your application, add it using the use() method:

use Lithe\Middleware\Session\session;  

$app->use(session());

This ensures that the session is correctly initiated and configured for all requests.

Configuring the Session Middleware

The session middleware can be configured with the following parameters:

lifetime: Defines the session's duration in seconds. The default is 2592000 seconds (30 days).
domain: Defines the domain for which the session cookie is valid. The default is null.
secure: Indicates if the session cookie should be sent only over secure (HTTPS) connections. The default is false.
httponly: Indicates if the session cookie should be accessible only through HTTP requests. The default is true.
samesite: Defines the SameSite attribute of the session cookie. It can be 'Lax', 'Strict', or 'None'. The default is 'Lax'.
path: Defines the path where session files will be stored.

Example configuration:

$app->use(session([  
    'lifetime' => 3600,  
    'domain' => 'example.com',  
    'secure' => true,  
    'httponly' => true,  
    'samesite' => 'Strict',  
    'path' => '/../storage/framework/session',  
]));

Using Session Variables

After configuration, you can access and manipulate session variables through the Request object. Here are some examples:

Storing a Session Variable

To store a variable in the user's session, use the following code:

$app->get('/set-user', function ($req, $res) {  
    $req->session->put('user', 'John Doe'); // Set the session variable  
    return $res->send('User set in session!');  
});

Retrieving a Session Variable

To retrieve the value of a session variable, use:

$app->get('/get-session', function ($req, $res) {  
    $user = $req->session->get('user', 'default_value');  
    $res->send($user); // Display the user's name  
});

Removing a Session Variable

To remove a session variable, do:

$app->get('/forget-session', function ($req, $res) {  
    $req->session->forget('user'); // Remove the session variable  
});

Destroying All Session Variables

To destroy all session variables, use:

$app->get('/destroy-session', function ($req, $res) {  
    $req->session->destroy(); // Destroy all session variables  
});

Checking if the Session is Active

To check if the session is active, use:

$app->get('/is-session-active', function ($req, $res) {  
    $isActive = $req->session->isActive(); // Check if the session is active  
    $res->send($isActive ? 'The session is active.' : 'The session is not active.');  
});

Regenerating the Session ID

To regenerate the session ID, do:

$app->get('/regenerate-session', function ($req, $res) {  
    $req->session->regenerate(); // Regenerate the session ID  
});

Retrieving the Session ID

To obtain the current session ID, use:

$app->get('/get-session-id', function ($req, $res) {  
    $sessionId = $req->session->getId(); // Retrieve the session ID  
    $res->send($sessionId); // Display the session ID  
});

Setting a New ID for the Session

To set a new ID for the session, do:

$app->get('/set-session-id', function ($req, $res) {  
    $req->session->setId('newSessionId'); // Set a new ID for the session  
});

Retrieving All Session Variables

To obtain all session variables, use:

$app->get('/all-session-data', function ($req, $res) {  
    $allSessionData = $req->session->all(); // Retrieve all session variables  
    $res->send($allSessionData); // Display all session variables  
});

Checking the Existence of Session Variables

To check if one or more session variables exist, use:

$app->get('/check-session', function ($req, $res) {  
    $hasUser = $req->session->has('user'); // Check if the user variable exists  
    $res->send($hasUser ? 'The user variable exists in the session.' : 'The user variable does not exist in the session.');  
});

Considerations

Creating the Session Directory: The middleware ensures that the directory for storing sessions exists. If it does not exist, it will be created.
Error Handling: If an error occurs during configuration or session initialization, the middleware will log it and continue execution.