/** * Initialize the session. * * This is something you might want to override in your controller so you can * redirect to a page with a message about being logged out after detecting the session has expired. * * @var int $session_expiration Session Expiration in seconds */ protected function initializeSession($session_expiration = null) { /** * Setup the session with cookie expiration of one week. This will * allow the session to persist even if the browser window is closed. * The session expiration will still be respected (default 1 hour). */ $this->session = new Session(new \Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage(['cookie_lifetime' => 604800])); $this->config->load('config'); // Should session cookie be http only? Default true to reduce XSS attack vector. $session_cookie_httponly = (bool) $this->config->get('session_cookie_httponly', true); ini_set('session.cookie_httponly', $session_cookie_httponly); // We need a unique session name for this app. Let's use last 10 characters the file path's sha1 hash. try { $this->session->setName('TSAPP' . substr(sha1(__FILE__), -10)); $this->session->start(); // Default session expiration 1 hour. // Can be overridden in method param or by setting session_expiration in config.php $session_expiration = !empty($session_expiration) ? $session_expiration : $this->config->get('session_expiration', 3600); // Is this session too old? if (time() - $this->session->getMetadataBag()->getLastUsed() > $session_expiration) { $this->session->invalidate(); } } catch (\LogicException $e) { // Session already active, can't change it now! } }
public function testCanLoadEnvironmentConfig() { $config = new Config($this->getAppDir()); $config->load('envopts'); $this->assertEquals('test', $config->get('env')); }