Alter session expiration depending on user type

I basically want to have the session expiration to vary depending on the ‘user type’

Essentially in the config/main.php I can see the following in the components block…

	'user'				=> array(

		'class'				=> 'application.components.WebUser',

		'allowAutoLogin'	=> true,

		'loginUrl'			=> array('frontend/user/login'),

                'loginRequiredAjaxResponse' => 'CT_SESSION_EXPIRED',

                'authTimeout'       => 3600, // auto-logout after 1hr


This block of my code will log me out after 1 hour, however I only want this to apply to a particular user type…

For instance - I want to execute some logic similar to as follows:

 // if user of this organisation is a admin type do the 4hrs session otherwise 1hr session expiration

 if ( user()->data->organisation->getIsAdmin() ) {

    // set an auto-logout after 4 hours

 } else {

   // set an auto-logout after 1 hour


Can anyone tell me if this is possible?

The best method is to put it in WebUser. It looks like you need to override updateAuthStatus().

this might lead you in the right direction