Session storage framework¶
TYPO3 comes with the option to choose between different storages for both frontend end and backend user sessions (called session backends).
The Core ships two session backends by default:
Database storage
Redis storage
By default user sessions are stored in the database using the database storage backend.
Database storage backend¶
The database storage backend only requires two configuration options:
The table name (table option) and whether anonymous sessions (has_anonymous option) may be stored.
The default configuration used for sessions by the Core is:
'SYS' => [
'session' => [
'BE' => [
'backend' => \TYPO3\CMS\Core\Session\Backend\DatabaseSessionBackend::class,
'options' => [
'table' => 'be_sessions'
]
],
'FE' => [
'backend' => \TYPO3\CMS\Core\Session\Backend\DatabaseSessionBackend::class,
'options' => [
'table' => 'fe_sessions',
'has_anonymous' => true,
]
]
],
],
Using Redis to store sessions¶
TYPO3 also comes with the possibility to store sessions in a Redis key-value database.
Note
This requires a running Redis instance (refer to the Redis documentation for help on this) and the PHP extension "redis" to be installed.
The Redis session storage can be configured with config/system/settings.php in the SYS entry:
A sample configuration will look like this:
'SYS' => [
'session' => [
'BE' => [
'backend' => \TYPO3\CMS\Core\Session\Backend\RedisSessionBackend::class,
'options' => [
'hostname' => 'redis.myhost.example',
'password' => 'passw0rd',
'database' => 0,
'port' => 6379
]
],
'FE' => [
'backend' => \TYPO3\CMS\Core\Session\Backend\RedisSessionBackend::class,
'options' => [
'hostname' => 'redis.myhost.example',
'password' => 'passw0rd',
'database' => 0,
'port' => 6379
]
],
],
],
The available options are:
hostnameName of the server the redis database service is running on. Default: 127.0.0.1
portPort number the redis database service is listening to. Default: 6379
databaseThe redis database number to use. Default: 0
passwordThe password to use when connecting to the specified database. Optional.
Tip
If a Redis instance is running on the same machine as the webserver the hostname 'localhost' can be used.
Writing your own session storage¶
Custom sessions storage backends can be created by implementing the interface
\TYPO3\CMS\Core\Session\Backend\SessionBackendInterface. The doc blocks
in the interface describe how the implementing class must behave. Any number
of options can be passed to the session backend.
A custom session storage backend can be used like this (similarly to the Redis backend):
'SYS' => [
'session' => [
'FE' => [
'backend' => \Vendor\Sessions\MyCustomSessionBackend::class,
'options' => [
'foo' => 'bar',
]
],
],
],
SessionManager API¶
- class TYPO3\CMS\Core\Session\SessionManager¶
Class SessionManager
Example Configuration
$GLOBALS['TYPO3_CONF_VARS']['SYS']['session'] => [ 'BE' => [ 'backend' => \TYPO3\CMS\Core\Session\Backend\FileSessionBackend::class, 'savePath' => '/var/www/t3sessionframework/data/' ], ];
- getSessionBackend(string $identifier)¶
Gets the currently running session backend for the given context
- Parameters
$identifier (
string) -- the identifier
- Return type
TYPO3\CMS\Core\Session\Backend\SessionBackendInterface
- invalidateAllSessionsByUserId(TYPO3\\CMS\\Core\\Session\\Backend\\SessionBackendInterface $backend, int $userId, TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication $userAuthentication = NULL)¶
Removes all sessions for a specific user ID
- Parameters
$backend (
TYPO3\CMS\Core\Session\Backend\SessionBackendInterface) -- see constants$userId (
int) -- the userId$userAuthentication (
TYPO3\CMS\Core\Authentication\AbstractUserAuthentication) -- the userAuthentication, default: NULL
References¶
The Redis documentation https://redis.io/documentation