For my Symfony2 project, i’m using the session storage in a database.
So, i configure my config.yml like that :
framework: session: handler_id: session.handler.pdo parameters: pdo.db_options: db_table: session db_id_col: session_id db_data_col: session_value db_time_col: session_time services: pdo: class: PDO arguments: - "pgsql:host=%database_host%;dbname=%database_name%" - "%database_user%" - "%database_password%" calls: - [setAttribute, [3, 2]] session.handler.pdo: class: Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler arguments: ["@pdo", "%pdo.db_options%"]
All it’s ok, when i login, an entry is created in my database and the sessions works fine.
But, how can i define the lifetime of my session when its in the database ? Why do I have a lot of lines (+50) in my session table, if I only have 4 members on my application ?
How can i configure that ? I just need one session when a member login.
You can reduce the number of rows in your session table by running the session garbage collector more frequently.
In your php.ini file
These settings will run the garbage collector with 100% probability, which is not recommended for production but you should be able to verify it works and tweak the settings as needed.
I think the number of rows is not dictated by session lifetime, at least not entirely.
The major reason for so much rows is protection from session hijacking. So, if you close the browser and come back to your web-site, session is not just being taken for granted but regenerated instead.
Are you using
FOSUserBundle for authentication? I know for sure that it supports configuration of session hijacking protection…
chrsva mentioned it here:
How does Symfony2 session fixation work?