Odan/session not persisting data

Struggling with data that is not persisted to the next request.
Using Slim 4 and odan\session 6.

I’m adding session middleware to every route/request, in routes.php:

$sessionMiddleware = new SessionStartMiddleware(
    new PhpSession($sessionSettings['options'])


Added it in the container:

PhpSession::class => DI\create()->constructor($settings['session']['options']),

So I can get it injected in my controller using the constructor:

public function __construct(
    private PhpSession $session,
) {}

Everything works. Except the data i save to the session is not showing up in a next request. Just an empty PhpSession():

$this = {\App\Auth\AuthMiddleWare} 
 session = {Odan\Session\PhpSession} 
  storage = {array[0]} 
  flash = {Odan\Session\Flash} 
   storage = {array[0]} 
   storageKey = "_flash"
  options = {array[8]} 
   id = null
   name = "app"
   lifetime = {int} 29030400
   path = null
   domain = null
   secure = false
   httponly = true
   cache_limiter = "nocache"

It’s not setting the ‘id’, is that maybe the problem?

Hi @reinier

I guess that the SessionStartMiddleware is not correctly (redundant) configured within the DI container. See here for a working example: odan/session Slim 4 Integration:

1 Like

Yes! Thank you.

Totally missed that part at the bottom of the documentation page.
I now have session and subsequently authentication working in my project :pray:

Now on to authorization :cold_sweat: Do you maybe have any recommendations for a package to implement that in Slim?

1 Like

I guess with Authorization, you mean some kind of “Access control” when the user is already logged in. Well, it depends,on your specific requirements, e.g., Role based or ACL.

I’m thinking RBAC. I already use some symfony core security classes that prepare for roles and their ‘firewalls’. I need to be able to assign roles but ideally also turn on/off specific features per user. Not sure if there is a name for that kind of access.

Then you may take a look at the laminas/laminas-permissions-rbac package.

1 Like