Wikimedia Developer Support

Session Cookies: How to set the session cookie expiration date?

Hey,

Does anyone know how Mediawiki deals with session cookies. Apparently I am logged out after every browser session. As it is more convenient to be logged in by default, I tried to change the cookie expiration date using the $wgExtendedLoginCookieExpiration hook on the LocalSettings.php. I set it to 30 days. According to this page (https://www.mediawiki.org/wiki/Manual:$wgExtendedLoginCookieExpiration) this should solve the issue. Unfortunately it doesn’t. I am still logged out everytime that I close the browser. Any thoughts on this here? Any users with similar behaviour?

Best,
Max

Hello SirMaeXchen.

Session cookies are, as the name indicates, only valid during the session lifetime. Those cookies don’t have an expiring time, and are automatically deleted when you close the browser.

$wgExtendedLoginCookieExpiration is for the “keep me logged in” checkbox in the login form. If you mark this checkbox, an additional cookie is set (in addition to the session cookie), with that expiry time. The session cookie will expire anyway when you close your browser, but upon reopening it, the extended login cookie will be sent to the server and MediaWiki should recognize it as a valid login token and automatically issue a session cookie being logged in.

You should be able to see how cookies are sent between browser and server with your browser’s developer console (hit F12 key) and detect if there’s something wrong with that extended login cookie

Such tokens are stored in the object cache IIRC. This means, if your object cache has a small quota and it is exceeded, it may get overwritten by new data, causing such tokens to get lost, and your login won’t be kept active.

1 Like

Hey Ciencia-Al-Poder,

thanks for the hint. Didn’t know that this option was related to the “Keep me logged in” Checkbox.

Best regards,
Max