Luminova Framework

Session Configuration

Last updated: 2024-05-28 20:13:28

The Session Configuration class provides properties to configure various aspects of server-side sessions in your application, including session cookies, save path, expiration, and more.

  • Class namespace: \App\Controllers\Config\Session
  • File path: /app/Controllers/Config/Session.php
  • This class is marked as final and can't be subclassed



The name of the session cookie.

public string $cookieName = 'PHPSESSID';


The session storage index name, this will be used as the default storage index for user's information in session or cookie.

public string $tableIndex = '__server_side_session_table';

Since the Session is primarily designed for back-end user session management, we need a unique ID to differentiate the user session from any other sessions stored in session variable.

Use a unique identifier possibly md5 hash string.

Do not dynamically generate the index always, you must use specific default ID that will be used always to lookup users data in session.


Set the directory where session files are stored on the server.It doesn't affect the cookie sent to the client.

public string $savePath = '';

Pass a blank string to use the default server configuration path.


The lifetime of the session in seconds.

public int $expiration = 365 * 24 * 60 * 60;


Set the path on the server where the cookie will be available.It controls the URL path under which the cookie is available on the server.

public string $sessionPath = '/'


The domain to use for the session cookie.

public string $sessionDomain = '.localhost';


Set the session cookie security level.

Possible attributes: None, Lax, Strict

public string $sameSite = 'Lax';

None, Lax, Strict


Enable strict session IP authentication.

public bool $strictSessionIp = false;

If set to true, the user will be logged out if their IP address changes.


Set the storage engine to use for CSRF protection.Option: cookie, session,

public string $csrfStorage = 'session';