Get Free Audit

Magento 2 Session Debugging Step by Step

Mar 12, 2019

13322 Andrey Litvin

Magento 2 Session Debugging Step by Step

In this article we will get into details of how does Magento 2 sessions work and information is stored. You will also learn about the most common Magento 2 session issues that can occur and how to resolve them.

Table of contents:

General information
What data does the Magento 2 session store
Common session issues

General information

Magento 2 session allows you to store important information, which can be used to identify the user and transfer data from one page to another. Magento 2 takes full advantage of this feature.

Magento allows you to choose where to store sessions:

  • In memory (RAM) if you are using memcached,
  • On the Redis server, if you have it configured,
  • Into a file.

When you use a file system to store the session, Magento saves the session in files in the specified path.
The path can be specified in:

  1. File app/etc/env.php
  2. If the path is not specified in, then the system searches for the path in php.ini file, session.save_path value;
  3. If the path is specified in neither, the session will be saved in the {root of the installed Magento}/var/session.

To manage sessions, Magento uses the Magento \ Framework \ Session \ SessionManager class. Magento also stores the current session identifier in cookies, which helps the system to identify you as a logged in user, even after you close and open the browser. When you create a session, cookies are automatically created with the name PHPSESSID and the value equal to the session identifier. The system also takes care of your security, so when you log in, session_regenerate_id () is called. Automatically new data is entered into cookies and the expires / max-age cookies are updated; due to this we constantly stay logged into the system.

Magento 2 enables you to set up cookies and session, which is, as we now realize, a rather important aspect to us. Navigate to settings via the following path Admin Panel -> Stores -> Configuration -> Web -> Default Cookie Settings / Session Validation Settings.

The following functions are of particular interest to Magento admins and developers:

Partner With Us Let's discuss how to grow your business. Get a Free Quote.
Talk to Andrey

  • Cookie Lifetime – the number of seconds the information about our presence on the site will be stored, and when we refresh the page this time will last. By default, lifetime is set at 3600 = 1 hour.
  • Cookie Path – the storage path for cookies.
  • Domain – if empty, then the default domain of the store is used.
  • Use HTTP Only – allows you to use only the HTTP protocol, leave the value “Yes” to secure yourself.
  • Cookie Restriction Mode – includes a front-end notification about the use of cookies so that the store will function at its full capacity, and the client must agree with Privacy Policy.
  • Session Validation Settings – here we set the permissions and whether the system will check the server variables listed below.
  • Use SID on Storefront – this option allows the system to recognize us when we move from one store to another.

default cookies settings

What data does the Magento 2 session store

Session stores in itself all the necessary and constantly used information about the user, in particular:

  • General information about the user, browser and IP-address;
  • Information about the visitor, date of the visit, session ID, visitor ID, information about whether the user is logged in or not, logged user ID;
  • Information about the logged in user, wishlist, cart, user group and the user ID;
  • Messages for user, reports, compare catalog and other information.

We can leave new data to be saved in the session. To perform this, refer to one of the models:

\Magento\Customer\Model\Session $customerSession
\Magento\Catalog\Model\Session $catalogSession
\Magento\Checkout\Model\Session $checkoutSession

and implement get, set, uns methods (deletes the value from the session). Another method – we turn to the SessionManager we described above and install the value in the common session storage via the setData method.

Common sessions issues

1.Q: There are many models for session management. I have a chat and I want to save user information; which model is best for me to store information in a session?
A: Working with chat, you utilize user data, and for this situation it is best to use Magento \ Customer \ Model \ Session.

2. Q: I have installed Magento 2 and can not log in to the admin panel; instead, the error “Admin Login Error – Your current session has been expired” appears. What should I do?
A: You need to add a new entry to the core_config_data table: scope – default, scope_id – 0, path – admin / security / session_lifetime, value – 86400. This way, we set the administrator’s lifetime. Moreover, update the php cache bin / magento cache: clean.

3. Q: How to specify a session lifetime on the server side?
A: To specify the lifetime of the session on the server side you need to find the php.ini file, which is responsible for the current version of php, and set the desired value in seconds to the session.gc_maxlifetime variable. Remember to restart the server for the changes to take effect.

4. Q: How to configure the system so that the session would be stored in Redis?
A: Edit the app / etc / env.php file. Change or add the following lines: ‘session’ => array (‘save’ => ‘redis’)

5. Q: Why there is no “Remember Me” option at the user login page?
A: To enable this option, you must enable Persistent Shopping Cart in the admin panel. Navigate to Stores -> Configuration -> Customers -> Persistent Shopping Cart. Enable Persistence and Remember Me.

6. Q: I added my value to the session, and I expected that it will be deleted when I leave the account, but the value in the session remains. What do I do?
A: You can delete your value via the Observer and event “customer_logout”. Use SessionManager or in some cases Magento \ Customer \ Model \ Session, which also inherits from SessionManager.

7. Q: How can I find out the current customerId of the logged in user?
A: You need to declare the module Magento \ Customer \ Model \ Session in __construct a block or controller (depending on the situation). Then request the user ID, for example: $ this-> session-> getCustomerId ().

8. Q: I changed the group from the user through the admin panel, but the group has not changed on the site. Why?
A: The identifier of the current group is also stored in the session. Try to log out and log in again.

Wrapping it up

This is how you perform a Magento 2 session debugging as well as the most common issues you may face and how to resolve them. If you have any comments or questions, feel free to leave them in the comments.

Andrey Dubina
Partner With Us Looking for a partner to grow your business? We are the right company to bring your webstore to success. Talk to Andrey

Post a new comment

BelVG Newsletter
Subscribe to our mailing list and get interesting stuff and updates to your email inbox.
Email *