Sessions for the XP Framework

Example

use web\session\{InFileSystem, ForTesting};

// Instantiate session factory
$sessions= new InFileSystem('/tmp');
$sessions= (new ForTesting())->lasting(3600)->named('psessionid');

// Create a new session
$session= $sessions->create();

// Open an existing session...
if ($session= $sessions->open($sessionId)) { … }

// ...or locate session attached to a request
if ($session= $sessions->locate($request)) { … }

// Basic I/O operations
$session->register('key', 'value');
$value= $session->value('key');
$keys= $session->keys();
$session->remove('key');

// Destroy
$session->destroy();

// Close session...
$session->close();

// ...or close and then transmit session to response.
$session->transmit($response);

Ensure you always either call close() or transmit() to have the session data synchronized.

Implementations

This library includes the following implementations:

• web.session.InFileSystem - using the local filesystem with serialized data
• web.session.ForTesting - in-memory sessions, for testing purposes

Other implementations provide solutions for clustering:

• https://github.com/xp-forge/redis-sessions
• https://github.com/xp-forge/mongo-sessions
• https://github.com/xp-forge/cookie-sessions

Secure

The Secure flag is set for all session cookies. If you develop on localhost using http only, you will need to tell the sessions instance as follows:

// This will omit the "Secure" flag from session cookies in dev environment
$sessions= new InFileSystem('/tmp');
if ('dev' === $this->environment->profile()) {
  $sessions->cookies()->insecure(true);
}