Can I use the session service directly instead of via the request?

Neograph734

2/24/23, 3:01 PM

The Drupal documentation on sessions mentions that sessions can be accessed via the Request object:

Session data is accessed via the \Symfony\Component\HttpFoundation\Request::getSession() method, which returns an instance of \Symfony\Component\HttpFoundation\Session\SessionInterface. The most important methods on SessionInterface are set(), get(), and remove().

However I've also dicovered there is a session service.

In a class where I need to use dependency injection and I do not by default have access to the Request object, do I still need to access the session via the request, or can I use it directy? Loading the Request instead and then accessing the session feels like adding overhead.

I have tried below code, which seems to be working fine. So then why do most examples and even the documentation still demonstrate the Request way? Am I missing something, or is there a risk in this approach?

class MyForm extends FormBase {

  /**
   * The session.
   *
   * @var \Symfony\Component\HttpFoundation\Session\Session
   */
  protected $session;

  /**
   *
   * @param \Symfony\Component\HttpFoundation\Session\Session $session
   *   The session.
   */
  public function __construct($session) {
    $this->session = $session;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static(
      $container->get('session')
    );
  }

  function somefunction() {
    $this->session->get('value');
    $this->session->set('value', 'somevalue');
  }

}

0 + 0

sessions

http-request

dependency-injection

Score:0

Drupal

4uk4

2/24/23, 9:48 PM

... is there a risk in this approach?

If you have multiple requests you could get the wrong session object. Drupal moved a lot of things out of the request object, like routing and even the path info, but they didn't implemented a stacked session service and instead kept the session object in the request stack.

If you want to inject this service there is already a property in FormBase with getter and setter methods.

This works injected or not (see the comments at the top of the class):

$session = $this->getRequest()->getSession();

0 + 0

Neograph734

2/25/23, 10:44 AM

Thanks, I was not aware that the Form already had a method to access the request; that is obviously the cleanest way. I still don't fully get how there can be more sessions for a single user, I'd say that all requests are part of the same session. I can, however, understand that second tabs and AJAX requests might alter the contents of the session.

4uk4

2/25/23, 11:07 AM

For example in a test you could mock a session or another module could run your form in a sub-request with a different session than the main request.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Can I use the session service directly instead of via the request?

TH: ฉันสามารถใช้บริการเซสชันโดยตรงแทนการร้องขอได้หรือไม่

RO: Pot folosi serviciul de sesiune direct în loc de prin intermediul solicitării?

RU: Могу ли я использовать службу сеанса напрямую, а не через запрос?

VI: Tôi có thể sử dụng dịch vụ phiên trực tiếp thay vì thông qua yêu cầu không?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.