Project

General

Profile

Actions

Feature #77080

open

Make permanent anonymous fe_sessions working (set cookie with lifetime)

Added by Arek van Schaijk over 8 years ago. Updated over 4 years ago.

Status:
New
Priority:
Must have
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
2016-07-13
Due date:
% Done:

0%

Estimated time:
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

I expect that my fe_typo_user session is permanent and my fe_session_data is available for the time configured in [FE][lifetime] and [FE][sessionDataLifetime]. [FE][sessionDataLifetime] describes: "Integer: positive. If >0, the session data will timeout and be removed after the number of seconds given (86400 seconds represents 24 hours)." which suggests this should be the case.

When you create fe_session_date like:

$GLOBALS['TSFE']->fe_user->setKey('ses', 'uniqueKey', 'test: '.time());
$GLOBALS['TSFE']->fe_user->storeSessionData();

It seems that there is a cookie set named "fe_typo_user" without a expiration date. So if you close your browser completely and return to the website the "fe_typo_user" cookie was destroyed.

This is because:
"\TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication->isRefreshTimeBasedCookie()" which is called by "AbstractUserAuthentication->setSessionCookie()" depends on $this->user for setting a expiration date on the cookie.

Can you guys please check/fix this one?

A simple workaround for now was to create a custom user (but didn't check if there were any complications).

$GLOBALS['TSFE']->fe_user->setKey('ses', 'uniqueKey', 'test: '.time());
$GLOBALS['TSFE']->fe_user->user = ['ses_permanent' => TRUE];
$GLOBALS['TSFE']->fe_user->storeSessionData();
Actions

Also available in: Atom PDF