web.php

@@ -74,13 +74,23 @@ if (isset($_COOKIE['COOKIES_CONSENT'])) {
 
     session_set_save_handler(Container::$sessionHandler, true);
     session_start([
-        'gc_maxlifetime' => 604800,
         'gc_probability' => 0, // old sessions are deleted by MaintainDatabaseCommand
-        'cookie_lifetime' => 604800, // TODO: cookie is not renewed so session can be lost
+        'cookie_lifetime' => 604800,
+        'cookie_path' => '/',
         'cookie_httponly' => true,
         'cookie_samesite' => 'Lax'
     ]);
 
+    if (isset($_COOKIE[session_name()])) {
+        // extend session cookie lifetime is cookie already exists
+        setcookie(session_name(), session_id(), [
+            'expires' => time() + 604800,
+            'path' => '/',
+            'httponly' => true,
+            'samesite' => 'Lax'
+        ]);
+    }
+
     // this is needed to handle old type of session IDs
     if (!Container::$sessionHandler->validateId(session_id())) {
         session_regenerate_id(true);