Problem:
Authentication session times out too often or too quickly, or the user can't log in at all and sees the message, "Due to extended inactivity your session has expired."
Solution:
Try below options one by one.
Make sure session.cookie_lifetime (Default: 0) is greater than the above setting or is set to 0.
session.cookie_lifetime specifies the lifetime of the cookie, in seconds, that is sent to the browser.
Make sure session.gc_maxlifetime (Default: 1440 (24 minutes)) is greater than the above setting.
session.gc_maxlifetime specifies the number of seconds after which data will be seen as 'garbage' and potentially cleaned up.
Note that session.cookie_lifetime and session.gc_maxlifetime are specified in seconds, but Session expires is specified in minutes.