config/session.php at master · keii.dev/osu-web

keii.dev / osu-web
the browser-facing portion of osu!
osu-web / config / session.php
at master 6.4 kB view raw
  1<?php
  2
  3return [
  4
  5    /*
  6    |--------------------------------------------------------------------------
  7    | Default Session Driver
  8    |--------------------------------------------------------------------------
  9    |
 10    | This option controls the default session "driver" that will be used on
 11    | requests. By default, we will use the lightweight native driver but
 12    | you may specify any of the other wonderful drivers provided here.
 13    |
 14    | Supported: "file", "cookie", "database", "apc",
 15    |            "memcached", "redis", "array"
 16    |
 17    */
 18
 19    'driver' => env('SESSION_DRIVER', 'redis'),
 20
 21    /*
 22    |--------------------------------------------------------------------------
 23    | Session Lifetime
 24    |--------------------------------------------------------------------------
 25    |
 26    | Here you may specify the number of minutes that you wish the session
 27    | to be allowed to remain idle before it expires. If you want them
 28    | to immediately expire on the browser closing, set that option.
 29    |
 30    */
 31
 32    'lifetime' => (30 * 24 * 60),
 33
 34    'expire_on_close' => false,
 35
 36    /*
 37    |--------------------------------------------------------------------------
 38    | Session Encryption
 39    |--------------------------------------------------------------------------
 40    |
 41    | This option allows you to easily specify that all of your session data
 42    | should be encrypted before it is stored. All encryption will be run
 43    | automatically by Laravel and you can use the Session like normal.
 44    |
 45    */
 46
 47    // NOTE: This does nothing because we overrode SessionManager::buildSession
 48    'encrypt' => false,
 49
 50    /*
 51    |--------------------------------------------------------------------------
 52    | Session File Location
 53    |--------------------------------------------------------------------------
 54    |
 55    | When using the native session driver, we need a location where session
 56    | files may be stored. A default has been set for you but a different
 57    | location may be specified. This is only needed for file sessions.
 58    |
 59    */
 60
 61    'files' => storage_path('framework/sessions'),
 62
 63    /*
 64    |--------------------------------------------------------------------------
 65    | Session Database Connection
 66    |--------------------------------------------------------------------------
 67    |
 68    | When using the "database" or "redis" session drivers, you may specify a
 69    | connection that should be used to manage these sessions. This should
 70    | correspond to a connection in your database configuration options.
 71    |
 72    */
 73
 74    'connection' => 'session',
 75
 76    /*
 77    |--------------------------------------------------------------------------
 78    | Session Database Table
 79    |--------------------------------------------------------------------------
 80    |
 81    | When using the "database" session driver, you may specify the table we
 82    | should use to manage the sessions. Of course, a sensible default is
 83    | provided for you; however, you are free to change this as needed.
 84    |
 85    */
 86
 87    'table' => 'sessions',
 88
 89    /*
 90    |--------------------------------------------------------------------------
 91    | Session Cache Store
 92    |--------------------------------------------------------------------------
 93    |
 94    | When using the "apc" or "memcached" session drivers, you may specify a
 95    | cache store that should be used for these sessions. This value must
 96    | correspond with one of the application's configured cache stores.
 97    |
 98    */
 99
100    'store' => null,
101
102    /*
103    |--------------------------------------------------------------------------
104    | Session Sweeping Lottery
105    |--------------------------------------------------------------------------
106    |
107    | Some session drivers must manually sweep their storage location to get
108    | rid of old sessions from storage. Here are the chances that it will
109    | happen on a given request. By default, the odds are 2 out of 100.
110    |
111    */
112
113    'lottery' => [2, 100],
114
115    /*
116    |--------------------------------------------------------------------------
117    | Session Cookie Name
118    |--------------------------------------------------------------------------
119    |
120    | Here you may change the name of the cookie used to identify a session
121    | instance by ID. The name specified here will get used every time a
122    | new session cookie is created by the framework for every driver.
123    |
124    */
125
126    'cookie' => (env('SESSION_PREFIX') ?? '').'osu_session',
127
128    /*
129    |--------------------------------------------------------------------------
130    | Session Cookie Path
131    |--------------------------------------------------------------------------
132    |
133    | The session cookie path determines the path for which the cookie will
134    | be regarded as available. Typically, this will be the root path of
135    | your application but you are free to change this when necessary.
136    |
137    */
138
139    'path' => '/',
140
141    /*
142    |--------------------------------------------------------------------------
143    | Session Cookie Domain
144    |--------------------------------------------------------------------------
145    |
146    | Here you may change the domain of the cookie used to identify a session
147    | in your application. This will determine which domains the cookie is
148    | available to in your application. A sensible default has been set.
149    |
150    */
151
152    'domain' => env('SESSION_DOMAIN', null),
153
154    /*
155    |--------------------------------------------------------------------------
156    | HTTPS Only Cookies
157    |--------------------------------------------------------------------------
158    |
159    | By setting this option to true, session cookies will only be sent back
160    | to the server if the browser has a HTTPS connection. This will keep
161    | the cookie from being sent to you if it can not be done securely.
162    |
163    */
164
165    'secure' => env('SESSION_SECURE_COOKIE', false),
166
167    'same_site' => 'lax',
168
169    /*
170    |--------------------------------------------------------------------------
171    | HTTP Access Only
172    |--------------------------------------------------------------------------
173    |
174    | Setting this value to true will prevent JavaScript from accessing the
175    | value of the cookie and the cookie will only be accessible through
176    | the HTTP protocol. You are free to modify this option if needed.
177    |
178    */
179
180    'http_only' => true,
181
182];