TIL: How to Explicitly Set Session Expiration in Phoenix

By default Phoenix stores session data in browser cookies. I don’t know why, but I thought the default was for those cookies to never expire. It turns out by default they expire when the browser session ends. I found this out because my users weren’t able to stay logged in beyond a few days.

It took me a while to find it, but the documentation for Plug.Session options shows you can set the max_age key to the number of seconds for it to expire. Typically, your Plug.Session is configured in your lib/my_app_web/endpoint.ex file:

plug Plug.Session,
    store: :cookie,
    max_age: 24*60*60*37,       # 37 days
    key: "_my_app_key",
    signing_salt: "random signing salt"

Now my users will stay logged in for 37 days.

Related Posts

Want to learn about the types of products we build?

Check out our projects

Like what you're seeing? Let's keep in touch.

Subscribe to Our Newsletter