[dfae77e] | 1 | <?php
|
---|
| 2 |
|
---|
| 3 | use Illuminate\Support\Str;
|
---|
| 4 |
|
---|
| 5 | return [
|
---|
| 6 |
|
---|
| 7 | /*
|
---|
| 8 | |--------------------------------------------------------------------------
|
---|
| 9 | | Default Session Driver
|
---|
| 10 | |--------------------------------------------------------------------------
|
---|
| 11 | |
|
---|
| 12 | | This option controls the default session "driver" that will be used on
|
---|
| 13 | | requests. By default, we will use the lightweight native driver but
|
---|
| 14 | | you may specify any of the other wonderful drivers provided here.
|
---|
| 15 | |
|
---|
| 16 | | Supported: "file", "cookie", "database", "apc",
|
---|
| 17 | | "memcached", "redis", "dynamodb", "array"
|
---|
| 18 | |
|
---|
| 19 | */
|
---|
| 20 |
|
---|
| 21 | 'driver' => env('SESSION_DRIVER', 'file'),
|
---|
| 22 |
|
---|
| 23 | /*
|
---|
| 24 | |--------------------------------------------------------------------------
|
---|
| 25 | | Session Lifetime
|
---|
| 26 | |--------------------------------------------------------------------------
|
---|
| 27 | |
|
---|
| 28 | | Here you may specify the number of minutes that you wish the session
|
---|
| 29 | | to be allowed to remain idle before it expires. If you want them
|
---|
| 30 | | to immediately expire on the browser closing, set that option.
|
---|
| 31 | |
|
---|
| 32 | */
|
---|
| 33 |
|
---|
| 34 | 'lifetime' => env('SESSION_LIFETIME', 120),
|
---|
| 35 |
|
---|
| 36 | 'expire_on_close' => false,
|
---|
| 37 |
|
---|
| 38 | /*
|
---|
| 39 | |--------------------------------------------------------------------------
|
---|
| 40 | | Session Encryption
|
---|
| 41 | |--------------------------------------------------------------------------
|
---|
| 42 | |
|
---|
| 43 | | This option allows you to easily specify that all of your session data
|
---|
| 44 | | should be encrypted before it is stored. All encryption will be run
|
---|
| 45 | | automatically by Laravel and you can use the Session like normal.
|
---|
| 46 | |
|
---|
| 47 | */
|
---|
| 48 |
|
---|
| 49 | 'encrypt' => false,
|
---|
| 50 |
|
---|
| 51 | /*
|
---|
| 52 | |--------------------------------------------------------------------------
|
---|
| 53 | | Session File Location
|
---|
| 54 | |--------------------------------------------------------------------------
|
---|
| 55 | |
|
---|
| 56 | | When using the native session driver, we need a location where session
|
---|
| 57 | | files may be stored. A default has been set for you but a different
|
---|
| 58 | | location may be specified. This is only needed for file sessions.
|
---|
| 59 | |
|
---|
| 60 | */
|
---|
| 61 |
|
---|
| 62 | 'files' => storage_path('framework/sessions'),
|
---|
| 63 |
|
---|
| 64 | /*
|
---|
| 65 | |--------------------------------------------------------------------------
|
---|
| 66 | | Session Database Connection
|
---|
| 67 | |--------------------------------------------------------------------------
|
---|
| 68 | |
|
---|
| 69 | | When using the "database" or "redis" session drivers, you may specify a
|
---|
| 70 | | connection that should be used to manage these sessions. This should
|
---|
| 71 | | correspond to a connection in your database configuration options.
|
---|
| 72 | |
|
---|
| 73 | */
|
---|
| 74 |
|
---|
| 75 | 'connection' => env('SESSION_CONNECTION', null),
|
---|
| 76 |
|
---|
| 77 | /*
|
---|
| 78 | |--------------------------------------------------------------------------
|
---|
| 79 | | Session Database Table
|
---|
| 80 | |--------------------------------------------------------------------------
|
---|
| 81 | |
|
---|
| 82 | | When using the "database" session driver, you may specify the table we
|
---|
| 83 | | should use to manage the sessions. Of course, a sensible default is
|
---|
| 84 | | provided for you; however, you are free to change this as needed.
|
---|
| 85 | |
|
---|
| 86 | */
|
---|
| 87 |
|
---|
| 88 | 'table' => 'sessions',
|
---|
| 89 |
|
---|
| 90 | /*
|
---|
| 91 | |--------------------------------------------------------------------------
|
---|
| 92 | | Session Cache Store
|
---|
| 93 | |--------------------------------------------------------------------------
|
---|
| 94 | |
|
---|
| 95 | | While using one of the framework's cache driven session backends you may
|
---|
| 96 | | list a cache store that should be used for these sessions. This value
|
---|
| 97 | | must match with one of the application's configured cache "stores".
|
---|
| 98 | |
|
---|
| 99 | | Affects: "apc", "dynamodb", "memcached", "redis"
|
---|
| 100 | |
|
---|
| 101 | */
|
---|
| 102 |
|
---|
| 103 | 'store' => env('SESSION_STORE', null),
|
---|
| 104 |
|
---|
| 105 | /*
|
---|
| 106 | |--------------------------------------------------------------------------
|
---|
| 107 | | Session Sweeping Lottery
|
---|
| 108 | |--------------------------------------------------------------------------
|
---|
| 109 | |
|
---|
| 110 | | Some session drivers must manually sweep their storage location to get
|
---|
| 111 | | rid of old sessions from storage. Here are the chances that it will
|
---|
| 112 | | happen on a given request. By default, the odds are 2 out of 100.
|
---|
| 113 | |
|
---|
| 114 | */
|
---|
| 115 |
|
---|
| 116 | 'lottery' => [2, 100],
|
---|
| 117 |
|
---|
| 118 | /*
|
---|
| 119 | |--------------------------------------------------------------------------
|
---|
| 120 | | Session Cookie Name
|
---|
| 121 | |--------------------------------------------------------------------------
|
---|
| 122 | |
|
---|
| 123 | | Here you may change the name of the cookie used to identify a session
|
---|
| 124 | | instance by ID. The name specified here will get used every time a
|
---|
| 125 | | new session cookie is created by the framework for every driver.
|
---|
| 126 | |
|
---|
| 127 | */
|
---|
| 128 |
|
---|
| 129 | 'cookie' => env(
|
---|
| 130 | 'SESSION_COOKIE',
|
---|
| 131 | Str::slug(env('APP_NAME', 'laravel'), '_').'_session'
|
---|
| 132 | ),
|
---|
| 133 |
|
---|
| 134 | /*
|
---|
| 135 | |--------------------------------------------------------------------------
|
---|
| 136 | | Session Cookie Path
|
---|
| 137 | |--------------------------------------------------------------------------
|
---|
| 138 | |
|
---|
| 139 | | The session cookie path determines the path for which the cookie will
|
---|
| 140 | | be regarded as available. Typically, this will be the root path of
|
---|
| 141 | | your application but you are free to change this when necessary.
|
---|
| 142 | |
|
---|
| 143 | */
|
---|
| 144 |
|
---|
| 145 | 'path' => '/',
|
---|
| 146 |
|
---|
| 147 | /*
|
---|
| 148 | |--------------------------------------------------------------------------
|
---|
| 149 | | Session Cookie Domain
|
---|
| 150 | |--------------------------------------------------------------------------
|
---|
| 151 | |
|
---|
| 152 | | Here you may change the domain of the cookie used to identify a session
|
---|
| 153 | | in your application. This will determine which domains the cookie is
|
---|
| 154 | | available to in your application. A sensible default has been set.
|
---|
| 155 | |
|
---|
| 156 | */
|
---|
| 157 |
|
---|
| 158 | 'domain' => env('SESSION_DOMAIN', null),
|
---|
| 159 |
|
---|
| 160 | /*
|
---|
| 161 | |--------------------------------------------------------------------------
|
---|
| 162 | | HTTPS Only Cookies
|
---|
| 163 | |--------------------------------------------------------------------------
|
---|
| 164 | |
|
---|
| 165 | | By setting this option to true, session cookies will only be sent back
|
---|
| 166 | | to the server if the browser has a HTTPS connection. This will keep
|
---|
| 167 | | the cookie from being sent to you when it can't be done securely.
|
---|
| 168 | |
|
---|
| 169 | */
|
---|
| 170 |
|
---|
| 171 | 'secure' => env('SESSION_SECURE_COOKIE'),
|
---|
| 172 |
|
---|
| 173 | /*
|
---|
| 174 | |--------------------------------------------------------------------------
|
---|
| 175 | | HTTP Access Only
|
---|
| 176 | |--------------------------------------------------------------------------
|
---|
| 177 | |
|
---|
| 178 | | Setting this value to true will prevent JavaScript from accessing the
|
---|
| 179 | | value of the cookie and the cookie will only be accessible through
|
---|
| 180 | | the HTTP protocol. You are free to modify this option if needed.
|
---|
| 181 | |
|
---|
| 182 | */
|
---|
| 183 |
|
---|
| 184 | 'http_only' => true,
|
---|
| 185 |
|
---|
| 186 | /*
|
---|
| 187 | |--------------------------------------------------------------------------
|
---|
| 188 | | Same-Site Cookies
|
---|
| 189 | |--------------------------------------------------------------------------
|
---|
| 190 | |
|
---|
| 191 | | This option determines how your cookies behave when cross-site requests
|
---|
| 192 | | take place, and can be used to mitigate CSRF attacks. By default, we
|
---|
| 193 | | will set this value to "lax" since this is a secure default value.
|
---|
| 194 | |
|
---|
| 195 | | Supported: "lax", "strict", "none", null
|
---|
| 196 | |
|
---|
| 197 | */
|
---|
| 198 |
|
---|
| 199 | 'same_site' => 'lax',
|
---|
| 200 |
|
---|
| 201 | ];
|
---|