source: config/session.php@ d9c4096

main
Last change on this file since d9c4096 was c454c0f, checked in by bube-ristovska <ristovska725@…>, 11 months ago

First commit

  • Property mode set to 100644
File size: 7.3 KB
RevLine 
[c454c0f]1<?php
2
3use Illuminate\Support\Str;
4
5return [
6
7 /*
8 |--------------------------------------------------------------------------
9 | Default Session Driver
10 |--------------------------------------------------------------------------
11 |
12 | This option controls the default session "driver" that will be used on
13 | requests. By default, we will use the lightweight native driver but
14 | you may specify any of the other wonderful drivers provided here.
15 |
16 | Supported: "file", "cookie", "database", "apc",
17 | "memcached", "redis", "dynamodb", "array"
18 |
19 */
20
21 'driver' => env('SESSION_DRIVER', 'file'),
22
23 /*
24 |--------------------------------------------------------------------------
25 | Session Lifetime
26 |--------------------------------------------------------------------------
27 |
28 | Here you may specify the number of minutes that you wish the session
29 | to be allowed to remain idle before it expires. If you want them
30 | to immediately expire on the browser closing, set that option.
31 |
32 */
33
34 'lifetime' => env('SESSION_LIFETIME', 120),
35
36 'expire_on_close' => false,
37
38 /*
39 |--------------------------------------------------------------------------
40 | Session Encryption
41 |--------------------------------------------------------------------------
42 |
43 | This option allows you to easily specify that all of your session data
44 | should be encrypted before it is stored. All encryption will be run
45 | automatically by Laravel and you can use the Session like normal.
46 |
47 */
48
49 'encrypt' => false,
50
51 /*
52 |--------------------------------------------------------------------------
53 | Session File Location
54 |--------------------------------------------------------------------------
55 |
56 | When using the native session driver, we need a location where session
57 | files may be stored. A default has been set for you but a different
58 | location may be specified. This is only needed for file sessions.
59 |
60 */
61
62 'files' => storage_path('framework/sessions'),
63
64 /*
65 |--------------------------------------------------------------------------
66 | Session Database Connection
67 |--------------------------------------------------------------------------
68 |
69 | When using the "database" or "redis" session drivers, you may specify a
70 | connection that should be used to manage these sessions. This should
71 | correspond to a connection in your database configuration options.
72 |
73 */
74
75 'connection' => env('SESSION_CONNECTION'),
76
77 /*
78 |--------------------------------------------------------------------------
79 | Session Database Table
80 |--------------------------------------------------------------------------
81 |
82 | When using the "database" session driver, you may specify the table we
83 | should use to manage the sessions. Of course, a sensible default is
84 | provided for you; however, you are free to change this as needed.
85 |
86 */
87
88 'table' => 'sessions',
89
90 /*
91 |--------------------------------------------------------------------------
92 | Session Cache Store
93 |--------------------------------------------------------------------------
94 |
95 | While using one of the framework's cache driven session backends you may
96 | list a cache store that should be used for these sessions. This value
97 | must match with one of the application's configured cache "stores".
98 |
99 | Affects: "apc", "dynamodb", "memcached", "redis"
100 |
101 */
102
103 'store' => env('SESSION_STORE'),
104
105 /*
106 |--------------------------------------------------------------------------
107 | Session Sweeping Lottery
108 |--------------------------------------------------------------------------
109 |
110 | Some session drivers must manually sweep their storage location to get
111 | rid of old sessions from storage. Here are the chances that it will
112 | happen on a given request. By default, the odds are 2 out of 100.
113 |
114 */
115
116 'lottery' => [2, 100],
117
118 /*
119 |--------------------------------------------------------------------------
120 | Session Cookie Name
121 |--------------------------------------------------------------------------
122 |
123 | Here you may change the name of the cookie used to identify a session
124 | instance by ID. The name specified here will get used every time a
125 | new session cookie is created by the framework for every driver.
126 |
127 */
128
129 'cookie' => env(
130 'SESSION_COOKIE',
131 Str::slug(env('APP_NAME', 'laravel'), '_').'_session'
132 ),
133
134 /*
135 |--------------------------------------------------------------------------
136 | Session Cookie Path
137 |--------------------------------------------------------------------------
138 |
139 | The session cookie path determines the path for which the cookie will
140 | be regarded as available. Typically, this will be the root path of
141 | your application but you are free to change this when necessary.
142 |
143 */
144
145 'path' => '/',
146
147 /*
148 |--------------------------------------------------------------------------
149 | Session Cookie Domain
150 |--------------------------------------------------------------------------
151 |
152 | Here you may change the domain of the cookie used to identify a session
153 | in your application. This will determine which domains the cookie is
154 | available to in your application. A sensible default has been set.
155 |
156 */
157
158 'domain' => env('SESSION_DOMAIN'),
159
160 /*
161 |--------------------------------------------------------------------------
162 | HTTPS Only Cookies
163 |--------------------------------------------------------------------------
164 |
165 | By setting this option to true, session cookies will only be sent back
166 | to the server if the browser has a HTTPS connection. This will keep
167 | the cookie from being sent to you when it can't be done securely.
168 |
169 */
170
171 'secure' => env('SESSION_SECURE_COOKIE'),
172
173 /*
174 |--------------------------------------------------------------------------
175 | HTTP Access Only
176 |--------------------------------------------------------------------------
177 |
178 | Setting this value to true will prevent JavaScript from accessing the
179 | value of the cookie and the cookie will only be accessible through
180 | the HTTP protocol. You are free to modify this option if needed.
181 |
182 */
183
184 'http_only' => true,
185
186 /*
187 |--------------------------------------------------------------------------
188 | Same-Site Cookies
189 |--------------------------------------------------------------------------
190 |
191 | This option determines how your cookies behave when cross-site requests
192 | take place, and can be used to mitigate CSRF attacks. By default, we
193 | will set this value to "lax" since this is a secure default value.
194 |
195 | Supported: "lax", "strict", "none", null
196 |
197 */
198
199 'same_site' => 'lax',
200
201 /*
202 |--------------------------------------------------------------------------
203 | Partitioned Cookies
204 |--------------------------------------------------------------------------
205 |
206 | Setting this value to true will tie the cookie to the top-level site for
207 | a cross-site context. Partitioned cookies are accepted by the browser
208 | when flagged "secure" and the Same-Site attribute is set to "none".
209 |
210 */
211
212 'partitioned' => false,
213
214];
Note: See TracBrowser for help on using the repository browser.