PHPackages                             dwendrich/expressive-session-middleware - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [HTTP &amp; Networking](/categories/http)
4. /
5. dwendrich/expressive-session-middleware

ActiveLibrary[HTTP &amp; Networking](/categories/http)

dwendrich/expressive-session-middleware
=======================================

Session handling middleware for use with zend expressive 3 based on zend-session.

1.0.0(8y ago)33.3k4MITPHPPHP ^7.1

Since Apr 25Pushed 8y agoCompare

[ Source](https://github.com/dwendrich/expressive-session-middleware)[ Packagist](https://packagist.org/packages/dwendrich/expressive-session-middleware)[ RSS](/packages/dwendrich-expressive-session-middleware/feed)WikiDiscussions master Synced 2w ago

READMEChangelogDependencies (7)Versions (12)Used By (0)

expressive-session-middleware
=============================

[](#expressive-session-middleware)

Session handling middleware based on zend-session for use in zend expressive 3 applications.

[![Build Status](https://camo.githubusercontent.com/ad66c9b7750f4ae87372a40d1657d5ba9a2ee0aa4fc76c600b2b20e1701b6a2e/68747470733a2f2f7472617669732d63692e6f72672f6477656e64726963682f657870726573736976652d73657373696f6e2d6d6964646c65776172652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/dwendrich/expressive-session-middleware)[![Coverage Status](https://camo.githubusercontent.com/6fa3ab55d5f3acc97637c11a775c6b3483b2ede8154abf1ac6ecf35ad5ee70ea/68747470733a2f2f696d672e736869656c64732e696f2f636f6465636f762f632f6769746875622f6477656e64726963682f657870726573736976652d73657373696f6e2d6d6964646c65776172652e7376673f7374796c653d666c6174)](https://codecov.io/gh/dwendrich/expressive-session-middleware)[![Latest Stable Version](https://camo.githubusercontent.com/7dee0020b54c63300415b83bc31099e5d3c177e1fa44290caa108cbbb085cc86/687474703a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6477656e64726963682f657870726573736976652d73657373696f6e2d6d6964646c65776172652e7376673f7374796c653d666c6174)](https://packagist.org/packages/dwendrich/expressive-session-middleware)

PSR-15 Support
--------------

[](#psr-15-support)

This version supports [PSR-15](https://www.php-fig.org/psr/psr-15) instead of http-interop/http-middleware interfaces, as currently implemented by zend expressive 3. For use with older versions of zend expressive, please refer to version 0.1.9.

Requirements
------------

[](#requirements)

- PHP 7.1 or above
- [zendframework/zend-session](https://docs.zendframework.com/zend-session/)

Installation
------------

[](#installation)

Install the latest version with composer. For information on how to get composer or how to use it, please refer to [getcomposer.org](http://getcomposer.org).

```
$ composer require dwendrich/expressive-session-middleware
```

If during installation you are prompted to inject `Zend\Session\ConfigProvider` into your configuration, you can simply ignore and continue without it. All relevant configuration is part of `SessionMiddleware\ConfigProvider`.

As part of a zend-expressive application add `SessionMiddleware\ConfigProvider::class` to `config/config.php`:

```
$aggregator = new ConfigAggregator([

    // enable SessionMiddleware
    SessionMiddleware\ConfigProvider::class,

    // ... other stuff goes here

    // Load application config in a pre-defined order in such a way that local settings
    // overwrite global settings. (Loaded as first to last):
    //   - `global.php`
    //   - `*.global.php`
    //   - `local.php`
    //   - `*.local.php`
    new PhpFileProvider('config/autoload/{{,*.}global,{,*.}local}.php'),

    // Load development config if it exists
    new PhpFileProvider('config/development.config.php'),
], $cacheConfig['config_cache_path']);
```

There are two ways of integrating the session middleware into your application.

#### 1. Add the middleware to the programmatic middlewarepipeline

[](#1-add-the-middleware-to-the-programmatic-middlewarepipeline)

You can add the middleware to the file `config/pipeline.php`:

```
// Register session handling middleware
$app->pipe(SessionMiddleware::class);

// Register the routing middleware in the middleware pipeline
$app->pipe(\Zend\Expressive\Router\Middleware\RouteMiddleware::class);
$app->pipe(ImplicitHeadMiddleware::class);
$app->pipe(ImplicitOptionsMiddleware::class);
$app->pipe(UrlHelperMiddleware::class);
```

Depending on which middleware should get access to the session, you should prepend `SessionMiddleware` in the pipeline. Commonly before registering the routing middleware is a good way to go.

This way the middleware is invoked on every request to your application. Since session handling may produce some overhead, which isn't always needed, there is an alternative:

#### 2. Add the middleware to a specific route

[](#2-add-the-middleware-to-a-specific-route)

Add a route definition to either `config/routes.php` or a `RouteDelegator` as part of your application:

```
$app->route(
    '/path-to-my-action',
    [
        SessionMiddleware::class,
        MyApp\Action\MyAction::class
    ],
    ['GET'],
    'path-to-my-action'
);
```

This way session handling is bound to a specific path in your application where it may be needed.

For further information on programmatic pipelines and routing in zend expressive please refer to the [documentation](https://docs.zendframework.com/zend-expressive/cookbook/autowiring-routes-and-pipelines/).

Basic usage
-----------

[](#basic-usage)

Once the session middleware is invoked it will start the session and adds the session manager object as attribute to the current request. Any middleware which processes this request subsequently, can detect that session handling is started by testing against the request attribute:

```
/**
 * Process an incoming server request and return a response, optionally delegating
 * to the next middleware component to create the response.
 *
 * @param ServerRequestInterface $request
 * @param DelegateInterface $delegate
 *
 * @return ResponseInterface
 */
public function process(ServerRequestInterface $request, DelegateInterface $delegate) : ResponseInterface
{
    $sessionManager = $request->getAttribute(SessionMiddleware::SESSION_ATTRIBUTE, false);

    if ($sessionManager) {
        // sessionManager is present and can be used
    }

    // further request processing goes here...
}
```

### Storing and retrieving session data

[](#storing-and-retrieving-session-data)

Zend session component uses `Container` objects to access and store session data. For information on this concept please refer to the [documentation](https://docs.zendframework.com/zend-session/container/).

Following is a simple example on how to use a `Container`:

```
use Zend\Session\Container;

$container = Container('my_namespace');

// save 'foo' into the `item` key
$container->item = 'foo';
```

In another part of the application you may want to access this data:

```
use Zend\Session\Container;

$container = Container('my_namespace');

// read the content from the `item` key
$foo = $container->item;
```

Configuration
-------------

[](#configuration)

The session can be configured by adding a `session.global.php` to your `config/autoload` path, for example. You can use `session.global.php.dist` file (see [session.global.php.dist](config/session.global.php.dist)) as template.

```
return [
    'session' => [
        'config' => [
            'options' => [
                'name' => 'my_special_session_name',
                'use_cookies' => true,
                'cookie_secure' => false,
            ],
        ],
    ],
];
```

For possible configuration options please refer to the documentation of [zend-session](https://docs.zendframework.com/zend-session/config/#standard-config) component.

You can override the session configuration instance with any instance or class implementing `Zend\Session\Config\ConfigInterface`. Simply specify it in session configuration:

```
return [
    'session' => [
        'class' => Zend\Session\Config\StandardConfig::class,
        'options' => [
            'name' => 'my_app',
        ],
    ],
];
```

For using a certain session storage adapter you can override it in the config, as well. Therefore it has to implement `Zend\Session\Storage\StorageInterface`:

```
return [
    'session' => [
        'storage' => new MyApp\Session\StorageAdapter::class,
    ],
];
```

To add validators to the session manager, you cann define them in the config, too, for example:

```
return [
    'session' => [
        'validators' => [
            Session\Validator\RemoteAddr::class,
            Session\Validator\HttpUserAgent::class,
        ],
    ],
];
```

###  Health Score

33

—

LowBetter than 72% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity22

Limited adoption so far

Community10

Small or concentrated contributor base

Maturity65

Established project with proven stability

 Bus Factor1

Top contributor holds 96.8% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~42 days

Recently: every ~105 days

Total

11

Last Release

2931d ago

Major Versions

0.1.9 → 1.0.02018-06-21

PHP version history (2 changes)0.1.0PHP ^7.0

1.0.0PHP ^7.1

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/27724412?v=4)[Daniel Wendrich](/maintainers/dwendrich)[@dwendrich](https://github.com/dwendrich)

---

Top Contributors

[![dwendrich](https://avatars.githubusercontent.com/u/27724412?v=4)](https://github.com/dwendrich "dwendrich (30 commits)")[![BenCavens](https://avatars.githubusercontent.com/u/497668?v=4)](https://github.com/BenCavens "BenCavens (1 commits)")

---

Tags

expressivemiddlewarephpsessionzendzend-sessionmiddlewarezendpsr-15expressivesession handling

###  Code Quality

TestsPHPUnit

Code StylePHP\_CodeSniffer

### Embed Badge

![Health badge](/badges/dwendrich-expressive-session-middleware/health.svg)

```
[![Health](https://phpackages.com/badges/dwendrich-expressive-session-middleware/health.svg)](https://phpackages.com/packages/dwendrich-expressive-session-middleware)
```

###  Alternatives

[mezzio/mezzio

PSR-15 Middleware Microframework

3913.8M120](/packages/mezzio-mezzio)[laminas/laminas-stratigility

PSR-7 middleware foundation for building and dispatching middleware pipelines

577.0M95](/packages/laminas-laminas-stratigility)[relay/relay

A PSR-15 server request handler.

3302.2M95](/packages/relay-relay)[mezzio/mezzio-authentication-oauth2

OAuth2 (server) authentication middleware for Mezzio and PSR-7 applications.

28545.4k3](/packages/mezzio-mezzio-authentication-oauth2)[mezzio/mezzio-authentication

Authentication middleware for Mezzio and PSR-7 applications

131.7M39](/packages/mezzio-mezzio-authentication)[middlewares/utils

Common utils for PSR-15 middleware packages

503.6M94](/packages/middlewares-utils)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)