Extend Magento 2 Admin Login Time


Every store owner knows how frustrating it is when you constantly have to log in to the Magento 2 admin panel because the session has expired. Extending the M2 admin cookie time is very easy to do luckily, and it will save you a bunch of time that can be better spent elsewhere. It’s fairly easy to do, but there’s a small difference between Magento 2.0 and 2.1. We will show you both solutions below.

Magento 2.0

To change the backend session time, navigate to the following pages in the admin panel.

Stores -> Settings -> Configuration -> Advanced -> Admin -> Security -> Admin Session Lifetime. The session lifetime is specified in seconds as you can probably guess from the high number it’s set on by default. Change it to the number of seconds you would like to stay logged in and hit save.

You can also change the admin session time directly in the MySQL database. This can be done by looking for the “core_config_data” table and changing the “admin/security/session_lifetime” path.

Magento 2.1

In version 2.1 of Magento, the admin login cookie is changed to a “session”. This enables store owners to set a specified time in the backend by navigating to the page we outlined above, OR they can choose “when admin closes browser”. This means the session will automatically end when the admin panel browser/tab is closed. It doesn’t act like a cookie anymore like it did in 2.0. You can change the code by doing the following.

This code you are looking for is displayed in Magento\Backend\Model\Session\AdminConfig.

To change it, simply create a plugin with the following interceptor method for the function.

Where $this->scopeConfig is an instance of Magento\Framework\App\Config\ScopeConfigInterface, injected via a constructor parameter. Now the cookie lifetime is used from the configuration like it was before.

We hope this tutorial has helped you! If you have any questions, please ask them in the comment form below for everyone to see, and we’ll answer them.


Leave A Reply