我创建了一个模块,通过卡片验证用户,我需要检查他们是否可以访问网站。
问题在于Drupal管理会话的方式。它会存储数据库中的每个会话并进行恢复,因此用户会自动登录,这会导致用户无法完成检查过程。
是否可以停止在数据库中存储会话?
答案 0 :(得分:1)
在Drupal 8中,您可以设置cookie /会话生存期 的 /sites/default/services.yml 强>
将cookie_lifetime设置为0意味着用户的会话只会持续到浏览器选项卡关闭,因此当他们重新访问该网站时,他们需要再次登录。
E.g。 services.yml
parameters:
session.storage.options:
# Default ini options for sessions.
#
# Some distributions of Linux (most notably Debian) ship their PHP
# installations with garbage collection (gc) disabled. Since Drupal depends
# on PHP's garbage collection for clearing sessions, ensure that garbage
# collection occurs by using the most common settings.
# @default 1
gc_probability: 1
# @default 100
gc_divisor: 100
#
# Set session lifetime (in seconds), i.e. the time from the user's last
# visit to the active session may be deleted by the session garbage
# collector. When a session is deleted, authenticated users are logged out,
# and the contents of the user's $_SESSION variable is discarded.
# @default 200000
gc_maxlifetime: 200000
#
# Set session cookie lifetime (in seconds), i.e. the time from the session
# is created to the cookie expires, i.e. when the browser is expected to
# discard the cookie. The value 0 means "until the browser is closed".
# @default 2000000
cookie_lifetime: 0