Session Management in PHP with Lithe: From Basic Setup to Advanced Usage

Lithe - Oct 22 - - Dev Community

When we talk about web applications, one of the first needs is to maintain user information while they navigate through the pages. That’s where session management in Lithe comes in, allowing you to store data such as login information or user preferences.

Simple and Quick Installation

To get started with sessions in Lithe, you only need to install the session middleware via Composer. Just run the following command in the terminal within your project:

composer require lithemod/session
Enter fullscreen mode Exit fullscreen mode

This will install everything you need. Nothing complicated, right?

Configuration in a Few Steps

With the middleware installed, you need to configure it in your project. But don’t worry, it’s quite easy! You simply add the middleware to your application using the use() method. Here’s a basic example:

use function Lithe\Middleware\Session\session;

$app->use(session());
Enter fullscreen mode Exit fullscreen mode

Done! The session is configured and ready to be used. If you need to adjust some details like session duration, domain, or whether the cookie should only be sent over HTTPS, just pass those parameters in the configuration:

$app->use(session([
    'lifetime' => 3600, // 1-hour session
    'secure' => true,   // Only on secure connections
    'httponly' => true, // Accessible only via HTTP
]));
Enter fullscreen mode Exit fullscreen mode

Working with Sessions: The Basics

Now that everything is set up, let’s get practical. You can easily store and retrieve session information within Lithe routes. For example, to save the username:

$app->get('/set-user', function ($req, $res) {
    $req->session->put('user', 'John Doe');
    return $res->send('User saved in the session!');
});
Enter fullscreen mode Exit fullscreen mode

And to get the name back:

$app->get('/get-user', function ($req, $res) {
    $user = $req->session->get('user', 'User not found');
    return $res->send('User: ' . $user);
});
Enter fullscreen mode Exit fullscreen mode

It’s that simple. Session management in Lithe is straightforward.

Tips for Using Sessions Efficiently

  • Keep the session short: Long sessions can be a security risk, so adjust the lifetime carefully.
  • Always use HTTPS: If your application is in production, make sure to use secure => true to ensure session cookies are transmitted securely.
  • Session Cleanup: Always remember to remove session data that is no longer needed to avoid overloading the storage.

Beyond the Basics: Advanced Functions

If you need something more advanced, Lithe also allows you to regenerate the session ID for added security, check if the session is active, or even destroy the entire session easily:

$app->get('/destroy-session', function ($req, $res) {
    $req->session->destroy();
    return $res->send('Session destroyed!');
});
Enter fullscreen mode Exit fullscreen mode

This flexibility ensures you have full control over the session state and the user experience in your application.


Using sessions in Lithe is a simple yet powerful task. With just a few lines of code, you can ensure that your users' information is kept securely and efficiently throughout their browsing experience.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .