session.php 6.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194
  1. <?php
  2. return [
  3. /*
  4. |--------------------------------------------------------------------------
  5. | Default Session Driver
  6. |--------------------------------------------------------------------------
  7. |
  8. | This option controls the default session "driver" that will be used on
  9. | requests. By default, we will use the lightweight native driver but
  10. | you may specify any of the other wonderful drivers provided here.
  11. |
  12. | Supported: "file", "cookie", "database", "apc",
  13. | "memcached", "redis", "array"
  14. |
  15. */
  16. 'driver' => env('SESSION_DRIVER', 'file'),
  17. /*
  18. |--------------------------------------------------------------------------
  19. | Session Lifetime
  20. |--------------------------------------------------------------------------
  21. |
  22. | Here you may specify the number of minutes that you wish the session
  23. | to be allowed to remain idle before it expires. If you want them
  24. | to immediately expire on the browser closing, set that option.
  25. |
  26. */
  27. 'lifetime' => 120,
  28. 'expire_on_close' => false,
  29. /*
  30. |--------------------------------------------------------------------------
  31. | Session Encryption
  32. |--------------------------------------------------------------------------
  33. |
  34. | This option allows you to easily specify that all of your session data
  35. | should be encrypted before it is stored. All encryption will be run
  36. | automatically by Laravel and you can use the Session like normal.
  37. |
  38. */
  39. 'encrypt' => false,
  40. /*
  41. |--------------------------------------------------------------------------
  42. | Session File Location
  43. |--------------------------------------------------------------------------
  44. |
  45. | When using the native session driver, we need a location where session
  46. | files may be stored. A default has been set for you but a different
  47. | location may be specified. This is only needed for file sessions.
  48. |
  49. */
  50. 'files' => storage_path('framework/sessions'),
  51. /*
  52. |--------------------------------------------------------------------------
  53. | Session Database Connection
  54. |--------------------------------------------------------------------------
  55. |
  56. | When using the "database" or "redis" session drivers, you may specify a
  57. | connection that should be used to manage these sessions. This should
  58. | correspond to a connection in your database configuration options.
  59. |
  60. */
  61. 'connection' => null,
  62. /*
  63. |--------------------------------------------------------------------------
  64. | Session Database Table
  65. |--------------------------------------------------------------------------
  66. |
  67. | When using the "database" session driver, you may specify the table we
  68. | should use to manage the sessions. Of course, a sensible default is
  69. | provided for you; however, you are free to change this as needed.
  70. |
  71. */
  72. 'table' => 'sessions',
  73. /*
  74. |--------------------------------------------------------------------------
  75. | Session Cache Store
  76. |--------------------------------------------------------------------------
  77. |
  78. | When using the "apc" or "memcached" session drivers, you may specify a
  79. | cache store that should be used for these sessions. This value must
  80. | correspond with one of the application's configured cache stores.
  81. |
  82. */
  83. 'store' => null,
  84. /*
  85. |--------------------------------------------------------------------------
  86. | Session Sweeping Lottery
  87. |--------------------------------------------------------------------------
  88. |
  89. | Some session drivers must manually sweep their storage location to get
  90. | rid of old sessions from storage. Here are the chances that it will
  91. | happen on a given request. By default, the odds are 2 out of 100.
  92. |
  93. */
  94. 'lottery' => [2, 100],
  95. /*
  96. |--------------------------------------------------------------------------
  97. | Session Cookie Name
  98. |--------------------------------------------------------------------------
  99. |
  100. | Here you may change the name of the cookie used to identify a session
  101. | instance by ID. The name specified here will get used every time a
  102. | new session cookie is created by the framework for every driver.
  103. |
  104. */
  105. 'cookie' => 'laravel_session',
  106. /*
  107. |--------------------------------------------------------------------------
  108. | Session Cookie Path
  109. |--------------------------------------------------------------------------
  110. |
  111. | The session cookie path determines the path for which the cookie will
  112. | be regarded as available. Typically, this will be the root path of
  113. | your application but you are free to change this when necessary.
  114. |
  115. */
  116. 'path' => '/',
  117. /*
  118. |--------------------------------------------------------------------------
  119. | Session Cookie Domain
  120. |--------------------------------------------------------------------------
  121. |
  122. | Here you may change the domain of the cookie used to identify a session
  123. | in your application. This will determine which domains the cookie is
  124. | available to in your application. A sensible default has been set.
  125. |
  126. */
  127. 'domain' => env('SESSION_DOMAIN', null),
  128. /*
  129. |--------------------------------------------------------------------------
  130. | HTTPS Only Cookies
  131. |--------------------------------------------------------------------------
  132. |
  133. | By setting this option to true, session cookies will only be sent back
  134. | to the server if the browser has a HTTPS connection. This will keep
  135. | the cookie from being sent to you if it can not be done securely.
  136. |
  137. */
  138. 'secure' => env('SESSION_SECURE_COOKIE', false),
  139. /*
  140. |--------------------------------------------------------------------------
  141. | HTTP Access Only
  142. |--------------------------------------------------------------------------
  143. |
  144. | Setting this value to true will prevent JavaScript from accessing the
  145. | value of the cookie and the cookie will only be accessible through
  146. | the HTTP protocol. You are free to modify this option if needed.
  147. |
  148. */
  149. 'http_only' => true,
  150. /*
  151. |--------------------------------------------------------------------------
  152. | Same-Site Cookies
  153. |--------------------------------------------------------------------------
  154. |
  155. | This option determines how your cookies behave when cross-site requests
  156. | take place, and can be used to mitigate CSRF attacks. By default, we
  157. | do not enable this as other CSRF protection services are in place.
  158. |
  159. | Supported: "lax", "strict"
  160. |
  161. */
  162. 'same_site' => null,
  163. ];