Authentication::setExpiration() default time

26 days ago

Backer | 394


I am thinking what is default expiration for authentication. I was looking at source code and it looks like if there is no explicit expiration there is none – same as session lifetime.

In authentication documentation is mentioned:

// without a time limit

but in session documentation is:

// variable $section->password will expire when a user closes a browser
$section->setExpiration(0, 'password');

I am confused because both of them are using same code internally and in authentication is that 0 means unlimited, in session that 0 is after closing browser. What is right?

Also in authentication documentation is mentioned that: Besides logging the user out with the logout() method, it can be done automatically based on specified time interval or closing the browser window but there is no example how to set up expiration until closing window. Is this still possible or it was removed?

Last edited by japlavaren (2018-08-27 08:21)