Start update to laravel 6.4

2019-11-08 23:08:34 +11:00
parent c723807b3f
commit a91ddbe66e
249 changed files with 89623 additions and 1604 deletions
--- a/config/session.php
+++ b/config/session.php
@@ -1,5 +1,7 @@
 <?php

+use Illuminate\Support\Str;
+
 return [

    /*
@@ -12,7 +14,7 @@ return [
    | you may specify any of the other wonderful drivers provided here.
    |
    | Supported: "file", "cookie", "database", "apc",
-    |            "memcached", "redis", "array"
+    |            "memcached", "redis", "dynamodb", "array"
    |
    */

@@ -29,7 +31,7 @@ return [
    |
    */

-    'lifetime' => 120,
+    'lifetime' => env('SESSION_LIFETIME', 120),

    'expire_on_close' => false,

@@ -70,7 +72,7 @@ return [
    |
    */

-    'connection' => null,
+    'connection' => env('SESSION_CONNECTION', null),

    /*
    |--------------------------------------------------------------------------
@@ -85,6 +87,19 @@ return [

    'table' => 'sessions',

+    /*
+    |--------------------------------------------------------------------------
+    | Session Cache Store
+    |--------------------------------------------------------------------------
+    |
+    | When using the "apc", "memcached", or "dynamodb" session drivers you may
+    | list a cache store that should be used for these sessions. This value
+    | must match with one of the application's configured cache "stores".
+    |
+    */
+
+    'store' => env('SESSION_STORE', null),
+
    /*
    |--------------------------------------------------------------------------
    | Session Sweeping Lottery
@@ -109,7 +124,10 @@ return [
    |
    */

-    'cookie' => 'laravel_session',
+    'cookie' => env(
+        'SESSION_COOKIE',
+        Str::slug(env('APP_NAME', 'laravel'), '_').'_session'
+    ),

    /*
    |--------------------------------------------------------------------------
@@ -135,7 +153,7 @@ return [
    |
    */

-    'domain' => null,
+    'domain' => env('SESSION_DOMAIN', null),

    /*
    |--------------------------------------------------------------------------
@@ -148,7 +166,7 @@ return [
    |
    */

-    'secure' => false,
+    'secure' => env('SESSION_SECURE_COOKIE', false),

    /*
    |--------------------------------------------------------------------------
@@ -163,4 +181,19 @@ return [

    'http_only' => true,

+    /*
+    |--------------------------------------------------------------------------
+    | Same-Site Cookies
+    |--------------------------------------------------------------------------
+    |
+    | This option determines how your cookies behave when cross-site requests
+    | take place, and can be used to mitigate CSRF attacks. By default, we
+    | do not enable this as other CSRF protection services are in place.
+    |
+    | Supported: "lax", "strict"
+    |
+    */
+
+    'same_site' => null,
+
 ];