session.php (6873B)
1 <?php 2 3 return [ 4 5 /* 6 |-------------------------------------------------------------------------- 7 | Default Session Driver 8 |-------------------------------------------------------------------------- 9 | 10 | This option controls the default session "driver" that will be used on 11 | requests. By default, we will use the lightweight native driver but 12 | you may specify any of the other wonderful drivers provided here. 13 | 14 | Supported: "file", "cookie", "database", "apc", 15 | "memcached", "redis", "array" 16 | 17 */ 18 19 'driver' => env('SESSION_DRIVER', 'file'), 20 21 /* 22 |-------------------------------------------------------------------------- 23 | Session Lifetime 24 |-------------------------------------------------------------------------- 25 | 26 | Here you may specify the number of minutes that you wish the session 27 | to be allowed to remain idle before it expires. If you want them 28 | to immediately expire on the browser closing, set that option. 29 | 30 */ 31 32 'lifetime' => env('SESSION_LIFETIME', 120), 33 34 'expire_on_close' => false, 35 36 /* 37 |-------------------------------------------------------------------------- 38 | Session Encryption 39 |-------------------------------------------------------------------------- 40 | 41 | This option allows you to easily specify that all of your session data 42 | should be encrypted before it is stored. All encryption will be run 43 | automatically by Laravel and you can use the Session like normal. 44 | 45 */ 46 47 'encrypt' => true, 48 49 /* 50 |-------------------------------------------------------------------------- 51 | Session File Location 52 |-------------------------------------------------------------------------- 53 | 54 | When using the native session driver, we need a location where session 55 | files may be stored. A default has been set for you but a different 56 | location may be specified. This is only needed for file sessions. 57 | 58 */ 59 60 'files' => storage_path('framework/sessions'), 61 62 /* 63 |-------------------------------------------------------------------------- 64 | Session Database Connection 65 |-------------------------------------------------------------------------- 66 | 67 | When using the "database" or "redis" session drivers, you may specify a 68 | connection that should be used to manage these sessions. This should 69 | correspond to a connection in your database configuration options. 70 | 71 */ 72 73 'connection' => null, 74 75 /* 76 |-------------------------------------------------------------------------- 77 | Session Database Table 78 |-------------------------------------------------------------------------- 79 | 80 | When using the "database" session driver, you may specify the table we 81 | should use to manage the sessions. Of course, a sensible default is 82 | provided for you; however, you are free to change this as needed. 83 | 84 */ 85 86 'table' => 'sessions', 87 88 /* 89 |-------------------------------------------------------------------------- 90 | Session Cache Store 91 |-------------------------------------------------------------------------- 92 | 93 | When using the "apc" or "memcached" session drivers, you may specify a 94 | cache store that should be used for these sessions. This value must 95 | correspond with one of the application's configured cache stores. 96 | 97 */ 98 99 'store' => null, 100 101 /* 102 |-------------------------------------------------------------------------- 103 | Session Sweeping Lottery 104 |-------------------------------------------------------------------------- 105 | 106 | Some session drivers must manually sweep their storage location to get 107 | rid of old sessions from storage. Here are the chances that it will 108 | happen on a given request. By default, the odds are 2 out of 100. 109 | 110 */ 111 112 'lottery' => [2, 100], 113 114 /* 115 |-------------------------------------------------------------------------- 116 | Session Cookie Name 117 |-------------------------------------------------------------------------- 118 | 119 | Here you may change the name of the cookie used to identify a session 120 | instance by ID. The name specified here will get used every time a 121 | new session cookie is created by the framework for every driver. 122 | 123 */ 124 125 'cookie' => env( 126 'SESSION_COOKIE', 127 str_slug(env('APP_NAME', 'laravel'), '_').'_session' 128 ), 129 130 /* 131 |-------------------------------------------------------------------------- 132 | Session Cookie Path 133 |-------------------------------------------------------------------------- 134 | 135 | The session cookie path determines the path for which the cookie will 136 | be regarded as available. Typically, this will be the root path of 137 | your application but you are free to change this when necessary. 138 | 139 */ 140 141 'path' => '/', 142 143 /* 144 |-------------------------------------------------------------------------- 145 | Session Cookie Domain 146 |-------------------------------------------------------------------------- 147 | 148 | Here you may change the domain of the cookie used to identify a session 149 | in your application. This will determine which domains the cookie is 150 | available to in your application. A sensible default has been set. 151 | 152 */ 153 154 'domain' => env('SESSION_DOMAIN', null), 155 156 /* 157 |-------------------------------------------------------------------------- 158 | HTTPS Only Cookies 159 |-------------------------------------------------------------------------- 160 | 161 | By setting this option to true, session cookies will only be sent back 162 | to the server if the browser has a HTTPS connection. This will keep 163 | the cookie from being sent to you if it can not be done securely. 164 | 165 */ 166 167 'secure' => env('SESSION_SECURE_COOKIE', true), 168 169 /* 170 |-------------------------------------------------------------------------- 171 | HTTP Access Only 172 |-------------------------------------------------------------------------- 173 | 174 | Setting this value to true will prevent JavaScript from accessing the 175 | value of the cookie and the cookie will only be accessible through 176 | the HTTP protocol. You are free to modify this option if needed. 177 | 178 */ 179 180 'http_only' => true, 181 182 /* 183 |-------------------------------------------------------------------------- 184 | Same-Site Cookies 185 |-------------------------------------------------------------------------- 186 | 187 | This option determines how your cookies behave when cross-site requests 188 | take place, and can be used to mitigate CSRF attacks. By default, we 189 | do not enable this as other CSRF protection services are in place. 190 | 191 | Supported: "lax", "strict" 192 | 193 */ 194 195 'same_site' => null, 196 197 ];