Drupal - Storing data / session for anonymous user

Late answering, but it's worth mentioning that you can use private tempstore for anonymous users, as long as the tempstore has access to an active session. To do so, you need to inject your class with services for the temp store, session, and current user, like so:

public function __construct(PrivateTempStoreFactory $temp_store_factory, SessionManagerInterface $session_manager, AccountInterface $current_user) {
    $this->tempStoreFactory = $temp_store_factory;
    $this->sessionManager = $session_manager;
    $this->currentUser = $current_user;

    $this->store = $this->tempStoreFactory->get('myclass.storename');
}

public static function create(ContainerInterface $container) {
    return new static(
        $container->get('user.private_tempstore'),
        $container->get('session_manager'),
        $container->get('current_user')
    );
}

Then you just need to ensure you start the session manager if the user is anonymous, before you need to put anything in the temp store:

if ($this->currentUser->isAnonymous() && !isset($_SESSION['session_started'])) {
    $_SESSION['session_started'] = true;
    $this->sessionManager->start();
}

You might find this approach preferable because it means that you can use a single system for temporary storage, regardless of whether a user is logged in.

(My code examples are lifted more-or-less verbatim from this excellent tutorial on building multi-step forms.)

In Drupal 8 the session variables can be accessed off the request:

$session = \Drupal::request()->getSession();

If you want to set something in the session, you can do the following:

$profile = 'Person';
$session->set('profile', $profile);

Or to retrieve a session variable:

$details = $session->get('profile');

A session can be anonymous (uid=0). You can simply use $_SESSION and drupal will take care of this.

Store session data:

$_SESSION['mymodule']['variablename'] = $tempdata;

Get session data:

$tempdata = $_SESSION['mymodule']['variablename'];

---

Update 1: Session Object

While there is still work going on in D8 core, see this issue Convert uses of $_SESSION to symfony session retrieved from the request, you can use the session object in the request to store session data. But don't mix it, data you store with one of these methods is not available in the other. See this answer for more details Drupal 8 and Session Management:

class MymoduleSessionCounter {
  function increment(Request $request) {
    $session = $request->getSession();
    $value = $session->get('mymodule_count', 0);
    $session->set('mymodule_count', $value + 1);

    return $value;
  }
}

Update 2: TempStore

The TempStore seems to be very popular in D8. But it's too complicated to store some values like in this question. It is intended for big chunks of data like for example preview data or unsaved Views. Here are the official change records:

Access session data through the Request object

TempStore API added for persistent, expirable storage of non-cache data