Document session, sales-channel context, and cart lifecycles with clear config boundaries

[Copilot]

The docs did not explain how Symfony session lifetime, Store API context lifetime, persisted sales-channel context, and cart expiration interact, which made login/cart persistence behavior hard to reason about. This update adds a single, centralized explanation that separates each lifecycle and its controlling config.

• Added lifecycle overview in guides/hosting/performance/session.md

  • New section: Session, context, and cart lifetime
  • Clarifies that these lifecycles are independent and can expire at different times.

• Added UML sequence diagram (Mermaid)

  • Visualizes flow across browser session cookie, Symfony session, sales-channel context token, and cart token.

• Added config-to-behavior comparison table

  • Distinguishes each setting by scope, token/data affected, and expiration effect:
    • framework.session.cookie_lifetime
    • framework.session.gc_maxlifetime
    • shopware.api.store.context_lifetime
    • shopware.sales_channel_context.expire_days
    • shopware.cart.expire_days

• Added concise risk/capacity guidance

  • Notes security tradeoffs of longer lifetimes on shared devices.
  • Notes infrastructure impact (e.g., higher Redis memory usage) for longer retention windows.

sequenceDiagram
    participant Browser
    participant Symfony Session
    participant Sales Channel Context
    participant Cart
    Browser->>Symfony Session: Store session cookie
    Symfony Session->>Sales Channel Context: Resolve context token
    Sales Channel Context->>Cart: Load cart by token

Loading

[Copilot]

Pull request overview

This PR adds centralized documentation for how Shopware session, Store API context, persisted sales-channel context, and cart lifetimes relate while remaining independently configured.

Changes:

• Adds a new lifecycle overview section to the session performance guide.
• Adds a Mermaid sequence diagram showing how session, context, and cart data are resolved.
• Adds a comparison table mapping lifecycle scope to the relevant configuration setting.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Micha Hobert (Isengo1989)]

Marc (@cramytech) I adjusted the recommendation by CP. Here is a preview of the UML diagram

Any additions you might think of ?

[Marc (cramytech)]

Maybe the Shopware (recommended) default values, a link to the documentation where and how to set these vars and for the Frosh Tools maybe an info that the current php session/cookie settings do not match to the intended lifetime? I see quite a lot of installations where the php.ini defaults for session.gc_maxlifetime = 1440 are still applied.

[Micha Hobert (Isengo1989)]

Maybe the Shopware (recommended) default values, a link to the documentation where and how to set these vars and for the Frosh Tools maybe an info that the current php session/cookie settings do not match to the intended lifetime? I see quite a lot of installations where the php.ini defaults for session.gc_maxlifetime = 1440 are still applied.

Thanks. I will check what is recommended, but as always, this is very much depending on the need. Maybe lets go with mostly used.

We do not manage FroshTools https://github.com/FriendsOfShopware/FroshTools - maybe tinect (@tinect) Felix Schneider (@schneider-felix) could take a look.

[Felix Schneider (schneider-felix)]

If you find the time to create a PR for FroshTools, I'd be happy to merge it. I only skimmed over the topic but it sounds reasonable to me.

[Micha Hobert (Isengo1989)]

Maybe the Shopware (recommended) default values, a link to the documentation where and how to set these vars and for the Frosh Tools maybe an info that the current php session/cookie settings do not match to the intended lifetime? I see quite a lot of installations where the php.ini defaults for session.gc_maxlifetime = 1440 are still applied.

I added an info box and where to set those vars, but left recommendations out. They tend to be very customer specific, also had this experience with +15 shops I managed back in the day. But with that, there should be no more confusion.