Hi, I have built a number of CakePHP (v3) applications over the years and have never seemed to get the session timeout to work. It seems like it always just ignores whatever I put there and it just defaults to 1440 or whatever.
My most important application employs a custom session handler with AWS DynamoDB. CakePHP’s config.session.timeout is 90, and php ini_get returns 5400 (90 minutes) for session.gc_maxlifetime. So it should be 90 minutes as currently set but it’s logging out at ~24 minutes.
How do I even debug this? If anyone has an actual fix, that’d be great too, but I don’t even know where to start debugging.
That’s the default for cookies, they’ll last until the browser is closed. (In multi-tab scenarios, maybe until the last tab for the site is closed. I’m not sure. I never use that type of cookie.) This shouldn’t be the source of your problem, at least.
Is that a test you’re doing in the code being run by your web server? Many setups have different php.ini files for command line vs web server, so if you’re getting that value from the command line, it might not mean anything at all for processes run by the server.
Is that 5400 coming from your ini file, or being set somewhere in your code? If the latter, any chance it’s being set after the session is expired by some earlier bit of code?
Does the value 1440 appear anywhere else in your ini file, that might somehow have some knock-on effect?
Hmmm, I don’t think it’s being set in the code anywhere other than where I guess CakePHP sets it. But this gives me an idea of something to check. Will report back once I look into it. Thanks for the idea!