Session
The session middleware in Lithe manages user session configuration and control.
Using the Session Middleware
Lithe includes a session middleware to manage user sessions and their variables. To configure the middleware in your application, add it using the use()
method:
use Lithe\Middleware\Session\session;
$app->use(session());
This ensures that the session is correctly initiated and configured for all requests.
Configuring the Session Middleware
The session middleware can be configured with the following parameters:
- lifetime: Defines the session's lifetime in seconds. The default is 2592000 seconds (30 days).
- domain: Defines the domain for which the session cookie is valid. The default is
null
. - secure: Indicates if the session cookie should be sent only over secure (HTTPS) connections. The default is
false
. - httponly: Indicates if the session cookie should be accessible only through HTTP requests. The default is
true
. - samesite: Defines the SameSite attribute of the session cookie. It can be
'Lax'
,'Strict'
, or'None'
. The default is'Lax'
. - path: Defines the path where session files will be stored. The default is
'storage/framework/session'
.
Example configuration:
$app->use(Session([
'lifetime' => 3600,
'domain' => 'example.com',
'secure' => true,
'httponly' => true,
'samesite' => 'Strict',
'path' => PROJECT_ROOT . '/storage/framework/session',
]));
Using Session Variables
After configuration, you can access and manipulate session variables through the Request
object. Here are some available methods:
-
put(string $name, mixed $value): void
Sets a session variable.
$req->session->put('user', 'John Doe');
-
get(string $name, mixed $default = null): mixed
Retrieves the value of a session variable. Returns the default value if the variable is not set.
$user = $req->session->get('user');
-
forget(mixed $name): void
Removes one or more session variables.
$req->session->forget('user');
-
destroy(): void
Destroys all session variables.
$req->session->destroy();
-
isActive(): bool
Checks if the session is active.
$isActive = $req->session->isActive();
-
regenerate(bool $deleteOldSession = true): bool
Regenerates the session ID. If
$deleteOldSession
istrue
, the old session will be deleted.$req->session->regenerate();
-
getId(): string|false
Retrieves the current session ID.
$sessionId = $req->session->getId();
-
setId(string $sessionId): bool
Sets a new ID for the session.
$req->session->setId('newSessionId');
-
all(): array
Retrieves all session variables.
$allSessionData = $req->session->all();
-
has(string|array $names): bool
Checks if one or more session variables exist.
$hasUser = $req->session->has('user');
Considerations
- Creating the Session Directory: The middleware ensures that the directory for storing sessions exists. If it doesn't, it will be created.
- Error Handling: If an error occurs during configuration or session initialization, the middleware will log it and continue execution.