Session storage framework

TYPO3 comes with the option to choose between different storages for both frontend end and backend user sessions (called session backends).

The Core ships two session backends by default:

  • Database storage
  • Redis storage

By default user sessions are stored in the database using the database storage backend.

Database storage backend

The database storage backend only requires two configuration options: The table name (table option) and whether anonymous sessions (has_anonymous option) may be stored.

The default configuration used for sessions by the Core is:

'SYS' => [
    'session' => [
        'BE' => [
            'backend' => \TYPO3\CMS\Core\Session\Backend\DatabaseSessionBackend::class,
            'options' => [
                'table' => 'be_sessions'
            ]
        ],
        'FE' => [
            'backend' => \TYPO3\CMS\Core\Session\Backend\DatabaseSessionBackend::class,
            'options' => [
                'table' => 'fe_sessions',
                'has_anonymous' => true,
            ]
        ]
    ],
],
Copied!

Using Redis to store sessions

TYPO3 also comes with the possibility to store sessions in a Redis key-value database.

The Redis session storage can be configured with config/system/settings.php in the SYS entry:

A sample configuration will look like this:

'SYS' => [
    'session' => [
        'BE' => [
            'backend' => \TYPO3\CMS\Core\Session\Backend\RedisSessionBackend::class,
            'options' => [
                'hostname' => 'redis.myhost.example',
                'password' => 'passw0rd',
                'database' => 0,
                'port' => 6379
            ]
        ],
        'FE' => [
            'backend' => \TYPO3\CMS\Core\Session\Backend\RedisSessionBackend::class,
            'options' => [
                'hostname' => 'redis.myhost.example',
                'password' => 'passw0rd',
                'database' => 0,
                'port' => 6379
            ]
        ],
    ],
],
Copied!

The available options are:

hostname
Name of the server the redis database service is running on. Default: 127.0.0.1
port
Port number the redis database service is listening to. Default: 6379
database
The redis database number to use. Default: 0
password
The password to use when connecting to the specified database. Optional.

Writing your own session storage

Custom sessions storage backends can be created by implementing the interface \TYPO3\CMS\Core\Session\Backend\SessionBackendInterface . The doc blocks in the interface describe how the implementing class must behave. Any number of options can be passed to the session backend.

A custom session storage backend can be used like this (similarly to the Redis backend):

'SYS' => [
    'session' => [
        'FE' => [
            'backend' => \Vendor\Sessions\MyCustomSessionBackend::class,
            'options' => [
                'foo' => 'bar',
            ]
        ],
    ],
],
Copied!

SessionManager API

class SessionManager
Fully qualified name
\TYPO3\CMS\Core\Session\SessionManager

Example Configuration

$GLOBALS['TYPO3_CONF_VARS']['SYS']['session'] => [
    'BE' => [
        'backend' => \TYPO3\CMS\Core\Session\Backend\FileSessionBackend::class,
        'savePath' => '/var/www/t3sessionframework/data/'
    ],
];
Copied!
getSessionBackend ( string $identifier)

Gets the currently running session backend for the given context

param $identifier

the identifier

Returns
\TYPO3\CMS\Core\Session\Backend\SessionBackendInterface
invalidateAllSessionsByUserId ( \TYPO3\CMS\Core\Session\Backend\SessionBackendInterface $backend, int $userId, ?\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication $userAuthentication = NULL)

Removes all sessions for a specific user ID

param $backend

see constants

param $userId

the userId

param $userAuthentication

the userAuthentication, default: NULL

References