Question

I have a custom login form for my Symfony 2 application. In this form I have a choice field with multiple options to set the max idle time of the login session. I want to be able to set the session lifetime at the login action. Unfortunately the login action is stored in the FOSUserBundle, which cannot be modified because of future updates of the bundle.

This is what I found out so far, correct me if I am wrong:
First, the lifetime in Symfony can be destroyed after a period of time, as described here.

Second, I have to be able to catch/intercept the login action/validation to set a parameter in parameter.yml.

The parameter then can be used in a listener to check if the maxlifetime isn't exceeded.

So my question is split in two other questions:

  1. How do I catch/intercept the login action/validation?
  2. Is there a way to create a listener that checks the idle time while nothing happens (or can there be a check on the next request)?

Solution

I am guessing,

  1. You need a login success handler. Read the following to understand that:

    Symfony2 Login and Security

  2. You can also write an EventListener for Controller/Kernel Request Events where you can compare idle times of a user.

    http://symfony.com/doc/current/cookbook/service_container/event_listener.html#request-events-checking-types

To my knowledge, it is not a good idea to add parameter values for this kind of requirement.

If you need to destroy a user session, why not set the login time at the authentication success handler (you can save it in the session or on the user entity as last login), and at the controller listener you can compare the length of the login and reset the user's session?
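
The approach suggested in the answer above, sketched as an added example (not part of the original answer and not FOSUserBundle code): one service acts as both the success handler and a `kernel.request` listener, and it tracks time since the last request rather than time since login. The class name, namespace, the `_max_idle` form field, the session keys and the `homepage` route are assumptions; the posted timeout is checked against a server-side allow-list because the login form's choice field can be tampered with.

```php
<?php
// Added example. Class name, '_max_idle' field, session keys and 'homepage' route are assumptions.
namespace Acme\UserBundle\Security;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
class IdleTimeoutGuard implements AuthenticationSuccessHandlerInterface
{
    // Server-side allow-list in seconds; the posted value is never trusted as-is.
    private static $allowed = array(300, 900, 3600);
    private $context, $router;

    public function __construct(SecurityContextInterface $context, RouterInterface $router)
    {
        $this->context = $context;
        $this->router = $router;
    }

    // Called by the firewall after a successful form login.
    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        $choice = (int) $request->request->get('_max_idle', 0);
        // Unknown or tampered values fall back to the shortest timeout.
        $maxIdle = in_array($choice, self::$allowed, true) ? $choice : min(self::$allowed);
        $request->getSession()->set('max_idle', $maxIdle);
        $request->getSession()->set('last_seen', time());
        return new RedirectResponse($this->router->generate('homepage'));
    }

    // Registered as a kernel.request listener; the check happens on the next request.
    public function onKernelRequest(GetResponseEvent $event)
    {
        $session = $event->getRequest()->getSession();
        if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()
            || null === $session || !$session->has('max_idle')) {
            return;
        }
        if (time() - $session->get('last_seen', 0) > $session->get('max_idle')) {
            $this->context->setToken(null); // log the user out
            $session->invalidate();         // clear session data and regenerate the id
            $event->setResponse(new RedirectResponse($this->router->generate('fos_user_security_login')));
            return;
        }
        $session->set('last_seen', time()); // activity seen: restart the idle clock
    }
}
```

To wire it up, register the class as a service, reference that service id under `form_login: success_handler` in `security.yml`, and tag it with `kernel.event_listener` (event `kernel.request`, method `onKernelRequest`).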

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow