From 2fd193edb3b13dff9bd9ca91022eea5b2e97e859 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Sun, 1 Sep 2019 18:31:43 -0600 Subject: [PATCH] Update session config, added secure defaults, longer session lifetime and changed the default driver to database --- config/session.php | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/config/session.php b/config/session.php index 736fb3c7..08aa86c8 100644 --- a/config/session.php +++ b/config/session.php @@ -16,7 +16,7 @@ return [ | */ - 'driver' => env('SESSION_DRIVER', 'file'), + 'driver' => 'database', /* |-------------------------------------------------------------------------- @@ -29,7 +29,7 @@ return [ | */ - 'lifetime' => env('SESSION_LIFETIME', 120), + 'lifetime' => env('SESSION_LIFETIME', 2880), 'expire_on_close' => false, @@ -122,10 +122,7 @@ return [ | */ - 'cookie' => env( - 'SESSION_COOKIE', - str_slug(env('APP_NAME', 'laravel'), '_').'_session' - ), + 'cookie' => 'pxfs', /* |-------------------------------------------------------------------------- @@ -151,7 +148,7 @@ return [ | */ - 'domain' => env('SESSION_DOMAIN', null), + 'domain' => env('SESSION_DOMAIN', env('APP_DOMAIN', null)), /* |-------------------------------------------------------------------------- @@ -164,7 +161,7 @@ return [ | */ - 'secure' => env('SESSION_SECURE_COOKIE', false), + 'secure' => true, /* |-------------------------------------------------------------------------- @@ -192,6 +189,6 @@ return [ | */ - 'same_site' => null, + 'same_site' => 'strict', ];