The SessionServiceProvider provides a service for storing data persistently between requests.
session.storage.save_path (optional): The path for the NativeFileSessionHandler, defaults to the value of sys_get_temp_dir().
session.storage.options: An array of options that is passed to the constructor of the session.storage service.
In case of the default NativeSessionStorage, the possible options are:
However, all of these are optional. Sessions last as long as the browser is open. To override this, set the lifetime option.
session.test: Whether to simulate sessions or not (useful when writing functional tests).
$app->register(new Silex\Provider\SessionServiceProvider());
The Session provider provides a session service. Here is an example that authenticates a user and creates a session for him:
use Symfony\Component\HttpFoundation\Response;
$app->get('/login', function () use ($app) {
$username = $app['request']->server->get('PHP_AUTH_USER', false);
$password = $app['request']->server->get('PHP_AUTH_PW');
if ('igor' === $username && 'password' === $password) {
$app['session']->set('user', array('username' => $username));
return $app->redirect('/account');
}
$response = new Response();
$response->headers->set('WWW-Authenticate', sprintf('Basic realm="%s"', 'site_login'));
$response->setStatusCode(401, 'Please sign in.');
return $response;
});
$app->get('/account', function () use ($app) {
if (null === $user = $app['session']->get('user')) {
return $app->redirect('/login');
}
return "Welcome {$user['username']}!";
});
If your system is using a custom session configuration (such as a redis handler from a PHP extension) then you need to disable the NativeFileSessionHandler by setting session.storage.handler to null. You will have to configure the session.save_path ini setting yourself in that case.
$app['session.storage.handler'] = null;