Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
Regenerate Session ID
  • DanielDaniel
    How do I regenerate a session id using Fuel? Should I just use session_regenerate_id?
  • HarroHarro
    Fuel's session class regenerates it's session ID automatically, with the interval defined in the session config by the key "rotation_time". By default, this happens every 300 seconds. If you absolutely want, you can do it manually using the rotate() method of the session driver:
    \Session::instance()->rotate(); // assuming the default session instance is used
  • DanielDaniel
    thank you for the reply. I had always by practice manually regenerated after successful login, role changes, etc... Once again fuel is making things simple! I fear it's going to make me lazy :)
  • HarroHarro
    That is indeed best practice. We've decided this week to build this into the Auth package.
  • sei2013sei2013
    my config is 300 sec but every time I reloaded, fuelcid(session id) is changed.
    /fuel/core/config/session.php
        'rotation_time'        => 300,

    my config is wrong?

  • HarroHarro
    If your cookie is called "fuelcid", you're using cookies to store session data.

    In that case the contents of the cookie is not the session id, but the complete session payload, which is encrypted. So quite logical it changes on every request, if only because the timestamps in the payload will have been updated.
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion