Symfony sessions outside app?

Question

Throughout our site we have a login button, whenever someone logs in the button changes into "log out" and the users name is displayed next to it. Our server setup uses Varnish so we devised a way where a bit of javascript does a POST and we check if the user is Authenticated.

To avoid server overhead I thought it would be simple to just create a script that sits in the website root /checkuser.php and try and read the session variables there (we let Varnish not cache this file). This way we can bypass all the classes that need to be loaded just to check this users session.

However, long story short, the sessions in checkuser.php are always empty. If I check with $user->getAttribute it works. Now what?

Answer 1

What session mapping are you using? I believe Symfony uses a namespace so nothing is ever in the top level of the session... for example you might have:

$_SESSION = Array(
  symfony = Array(
    sf_user => $userSessionValues
    sf_debug => $debugValues
  )
)

I dont remember the actual structure but doing a print_r or var_dump on $_SESSION (from withing sf just to be sure) should give you the lay of the land so to speak.

Answer 2

Okay, I got it. Symfony uses its sessions under its own name. If you want to use sessions from outside your app (or framework) you can get the sessions like so:

session_name('symfony');
session_start();
var_dump( $_SESSION );

Provided of course that you didn't rename the session name in factories.yml

thx prodigitalson for the help.

Answer 3

A more sophisticated (I won't say better, because its only better if you need the extra functionality) way to do this is to do something like this:

require_once($_SERVER['DOCUMENT_ROOT'].'/../config/ProjectConfiguration.class.php');

$configuration = ProjectConfiguration::getApplicationConfiguration('frontend', 'prod', false);
$context = sfContext::createInstance($configuration);

if ($context->getUser()->isSuperAdmin()) {
  "do something";
}

if ($context->getUser()->hasCredential('something')) {
  "do something else"
}

The advantage of this way is that, as you can see, you can get use the more sophisticated methods from symfony, rather than just looking at the raw session data.

(lifted from http://benlumley.co.uk/2009/05/24/hook-into-symfony-authentication-from-external-script-fckeditor/ )

Answer 4

@benlumley That was one of the first things I tried, but for some reason it started outputting my frontpage immediately using my default layout template. Is there a way to force another template?

Sorry about this new answer (instead of replying to yours), lost my temporary login...