[0924b6c] | 1 | <?php
|
---|
| 2 |
|
---|
| 3 | use Illuminate\Support\Str;
|
---|
| 4 |
|
---|
| 5 | return [
|
---|
| 6 |
|
---|
| 7 | /*
|
---|
| 8 | |--------------------------------------------------------------------------
|
---|
| 9 | | Default Session Driver
|
---|
| 10 | |--------------------------------------------------------------------------
|
---|
| 11 | |
|
---|
| 12 | | This option controls the default session "driver" that will be used on
|
---|
| 13 | | requests. By default, we will use the lightweight native driver but
|
---|
| 14 | | you may specify any of the other wonderful drivers provided here.
|
---|
| 15 | |
|
---|
| 16 | | Supported: "file", "cookie", "database", "apc",
|
---|
| 17 | | "memcached", "redis", "array"
|
---|
| 18 | |
|
---|
| 19 | */
|
---|
| 20 |
|
---|
| 21 | 'driver' => env('SESSION_DRIVER', 'file'),
|
---|
| 22 |
|
---|
| 23 | /*
|
---|
| 24 | |--------------------------------------------------------------------------
|
---|
| 25 | | Session Lifetime
|
---|
| 26 | |--------------------------------------------------------------------------
|
---|
| 27 | |
|
---|
| 28 | | Here you may specify the number of minutes that you wish the session
|
---|
| 29 | | to be allowed to remain idle before it expires. If you want them
|
---|
| 30 | | to immediately expire on the browser closing, set that option.
|
---|
| 31 | |
|
---|
| 32 | */
|
---|
| 33 |
|
---|
| 34 | 'lifetime' => env('SESSION_LIFETIME', 120),
|
---|
| 35 |
|
---|
| 36 | 'expire_on_close' => true,
|
---|
| 37 |
|
---|
| 38 | /*
|
---|
| 39 | |--------------------------------------------------------------------------
|
---|
| 40 | | Session Encryption
|
---|
| 41 | |--------------------------------------------------------------------------
|
---|
| 42 | |
|
---|
| 43 | | This option allows you to easily specify that all of your session data
|
---|
| 44 | | should be encrypted before it is stored. All encryption will be run
|
---|
| 45 | | automatically by Laravel and you can use the Session like normal.
|
---|
| 46 | |
|
---|
| 47 | */
|
---|
| 48 |
|
---|
| 49 | 'encrypt' => false,
|
---|
| 50 |
|
---|
| 51 | /*
|
---|
| 52 | |--------------------------------------------------------------------------
|
---|
| 53 | | Session File Location
|
---|
| 54 | |--------------------------------------------------------------------------
|
---|
| 55 | |
|
---|
| 56 | | When using the native session driver, we need a location where session
|
---|
| 57 | | files may be stored. A default has been set for you but a different
|
---|
| 58 | | location may be specified. This is only needed for file sessions.
|
---|
| 59 | |
|
---|
| 60 | */
|
---|
| 61 |
|
---|
| 62 | 'files' => storage_path('framework/sessions'),
|
---|
| 63 |
|
---|
| 64 | /*
|
---|
| 65 | |--------------------------------------------------------------------------
|
---|
| 66 | | Session Database Connection
|
---|
| 67 | |--------------------------------------------------------------------------
|
---|
| 68 | |
|
---|
| 69 | | When using the "database" or "redis" session drivers, you may specify a
|
---|
| 70 | | connection that should be used to manage these sessions. This should
|
---|
| 71 | | correspond to a connection in your database configuration options.
|
---|
| 72 | |
|
---|
| 73 | */
|
---|
| 74 |
|
---|
| 75 | 'connection' => env('SESSION_CONNECTION', null),
|
---|
| 76 |
|
---|
| 77 | /*
|
---|
| 78 | |--------------------------------------------------------------------------
|
---|
| 79 | | Session Database Table
|
---|
| 80 | |--------------------------------------------------------------------------
|
---|
| 81 | |
|
---|
| 82 | | When using the "database" session driver, you may specify the table we
|
---|
| 83 | | should use to manage the sessions. Of course, a sensible default is
|
---|
| 84 | | provided for you; however, you are free to change this as needed.
|
---|
| 85 | |
|
---|
| 86 | */
|
---|
| 87 |
|
---|
| 88 | 'table' => 'sessions',
|
---|
| 89 |
|
---|
| 90 | /*
|
---|
| 91 | |--------------------------------------------------------------------------
|
---|
| 92 | | Session Cache Store
|
---|
| 93 | |--------------------------------------------------------------------------
|
---|
| 94 | |
|
---|
| 95 | | When using the "apc" or "memcached" session drivers, you may specify a
|
---|
| 96 | | cache store that should be used for these sessions. This value must
|
---|
| 97 | | correspond with one of the application's configured cache stores.
|
---|
| 98 | |
|
---|
| 99 | */
|
---|
| 100 |
|
---|
| 101 | 'store' => env('SESSION_STORE', null),
|
---|
| 102 |
|
---|
| 103 | /*
|
---|
| 104 | |--------------------------------------------------------------------------
|
---|
| 105 | | Session Sweeping Lottery
|
---|
| 106 | |--------------------------------------------------------------------------
|
---|
| 107 | |
|
---|
| 108 | | Some session drivers must manually sweep their storage location to get
|
---|
| 109 | | rid of old sessions from storage. Here are the chances that it will
|
---|
| 110 | | happen on a given request. By default, the odds are 2 out of 100.
|
---|
| 111 | |
|
---|
| 112 | */
|
---|
| 113 |
|
---|
| 114 | 'lottery' => [2, 100],
|
---|
| 115 |
|
---|
| 116 | /*
|
---|
| 117 | |--------------------------------------------------------------------------
|
---|
| 118 | | Session Cookie Name
|
---|
| 119 | |--------------------------------------------------------------------------
|
---|
| 120 | |
|
---|
| 121 | | Here you may change the name of the cookie used to identify a session
|
---|
| 122 | | instance by ID. The name specified here will get used every time a
|
---|
| 123 | | new session cookie is created by the framework for every driver.
|
---|
| 124 | |
|
---|
| 125 | */
|
---|
| 126 |
|
---|
| 127 | 'cookie' => env(
|
---|
| 128 | 'SESSION_COOKIE',
|
---|
| 129 | Str::slug(env('APP_NAME', 'laravel'), '_').'_session'
|
---|
| 130 | ),
|
---|
| 131 |
|
---|
| 132 | /*
|
---|
| 133 | |--------------------------------------------------------------------------
|
---|
| 134 | | Session Cookie Path
|
---|
| 135 | |--------------------------------------------------------------------------
|
---|
| 136 | |
|
---|
| 137 | | The session cookie path determines the path for which the cookie will
|
---|
| 138 | | be regarded as available. Typically, this will be the root path of
|
---|
| 139 | | your application but you are free to change this when necessary.
|
---|
| 140 | |
|
---|
| 141 | */
|
---|
| 142 |
|
---|
| 143 | 'path' => '/',
|
---|
| 144 |
|
---|
| 145 | /*
|
---|
| 146 | |--------------------------------------------------------------------------
|
---|
| 147 | | Session Cookie Domain
|
---|
| 148 | |--------------------------------------------------------------------------
|
---|
| 149 | |
|
---|
| 150 | | Here you may change the domain of the cookie used to identify a session
|
---|
| 151 | | in your application. This will determine which domains the cookie is
|
---|
| 152 | | available to in your application. A sensible default has been set.
|
---|
| 153 | |
|
---|
| 154 | */
|
---|
| 155 |
|
---|
| 156 | 'domain' => env('SESSION_DOMAIN', null),
|
---|
| 157 |
|
---|
| 158 | /*
|
---|
| 159 | |--------------------------------------------------------------------------
|
---|
| 160 | | HTTPS Only Cookies
|
---|
| 161 | |--------------------------------------------------------------------------
|
---|
| 162 | |
|
---|
| 163 | | By setting this option to true, session cookies will only be sent back
|
---|
| 164 | | to the server if the browser has a HTTPS connection. This will keep
|
---|
| 165 | | the cookie from being sent to you if it can not be done securely.
|
---|
| 166 | |
|
---|
| 167 | */
|
---|
| 168 |
|
---|
| 169 | 'secure' => env('SESSION_SECURE_COOKIE', false),
|
---|
| 170 |
|
---|
| 171 | /*
|
---|
| 172 | |--------------------------------------------------------------------------
|
---|
| 173 | | HTTP Access Only
|
---|
| 174 | |--------------------------------------------------------------------------
|
---|
| 175 | |
|
---|
| 176 | | Setting this value to true will prevent JavaScript from accessing the
|
---|
| 177 | | value of the cookie and the cookie will only be accessible through
|
---|
| 178 | | the HTTP protocol. You are free to modify this option if needed.
|
---|
| 179 | |
|
---|
| 180 | */
|
---|
| 181 |
|
---|
| 182 | 'http_only' => true,
|
---|
| 183 |
|
---|
| 184 | /*
|
---|
| 185 | |--------------------------------------------------------------------------
|
---|
| 186 | | Same-Site Cookies
|
---|
| 187 | |--------------------------------------------------------------------------
|
---|
| 188 | |
|
---|
| 189 | | This option determines how your cookies behave when cross-site requests
|
---|
| 190 | | take place, and can be used to mitigate CSRF attacks. By default, we
|
---|
| 191 | | do not enable this as other CSRF protection services are in place.
|
---|
| 192 | |
|
---|
| 193 | | Supported: "lax", "strict"
|
---|
| 194 | |
|
---|
| 195 | */
|
---|
| 196 |
|
---|
| 197 | 'same_site' => null,
|
---|
| 198 |
|
---|
| 199 | ];
|
---|