Laravel Aura

Technology is fun!

General Topic Laravel 

Http Session tutorial in laravel 8

Navid Anjum 0 Comments

Session :We can set the session data with two ways.

i. Golbal Session helper : global[‘key’=>’value’]

ii. Via Request Instance : $request->session()->put(‘key’,’value’)

Also we can get the session data using two ways

Global session: session(‘key’)
 $request->session()->get('key');

Retrieve all session data:

$request->session()->all();

Result:

{"key":"value","_token":"KHQeOmBtAjxXeBJ2blh6JD1T6G5leGP1Xo6kU81F","_previous":{"url":"http:\/\/127.0.0.1:8000"},"_flash":{"old":[],"new":[]}}

 

then,we check to see if an item exits:

In route setting some key for session using global session helper.

session(['key' => 'value']);
session(['users'=>'']);

 

When we use has method with session() it will return true if user present in session .

if ($request->session()->has('user'))
{
    return $request-session()->get(‘user’);
 }
else if ($request->session()->has('key'))
    {
     return $request->session()->get('key');
    }

 

Result will be “value” as it will not return anything if a key’s value is null.We can also do this with exist method

if($request->session()->exists('users'))
{
    return "User :".$request->session()->get('users');
}
else if($request->session()->exists('key'))
{
    return "Key :".$request->session()->get('key');
}

 

But this time the result will come from ‘users’ key as it will return the value even if the key is null value.

Missing Method:

Using missing with session we can determine if a key is missing

if ($request->session()->missing('kkk'))
{
    return 'missing';
}

Setting and getting new value to session array using put

$request->session()->put('key2','val2');
return $request->session()->pull('key2');

But

  $request->session()->put('key2','val2');
     $request->session()->pull('key2');

 if ($request->session()->has('key2'))
{
    return 'user';
}
 else
 {
     return 'missing key2';
 }

 

The result will be ‘missing key2’ as  pull not only retrieve the key but also delete the key.

Incrementing and decrementing:

We can increment and decrement the session value

echo  $request->session()->increment('key5');

 return $request->session()->increment('key5');

$request->session()->decrement('count');

 

Result will 1 for first statement , 2 for second statement and 1 for last statement.

Note; When we use increment, decrement, it will automatically set the session value for us.

Flash Data:If we want to set the for next request then have to save the data using flash.

$request->session()->flash(‘key’,’val’);

 

Deleting Session data:

$request->session()->forget(‘key’);

To remove all data  we have to use flash()

$request->session_>flash();

 

Session Fixation : When an attacker  hijack a valid user session is called Session Fixation.

Regenerating The session ID:

To prevent session fixation we have to regenerate session id . Laravel automatically regenerates the session ID during authentication we we use one of the Laravel application starter kits or Laravel Fortify. Otherwise we have to do it manually

$request->session()->regenerate();

 

We also can regenerate() the session and remove all session data with it using below code

$request->session()->invalidate();

 

 

Navid Anjum

Full-stack web developer and founder of Laravelaura. He makes his tutorials as simple as humanly possible and focuses on getting the students to the point where they can build projects independently. https://github.com/NavidAnjum

You May Also Like

Request lifecycle of Laravel

Navid Anjum 0

Laravel Controllers

Navid Anjum 0

Tips to minimize Laravel Eloquent’s memory consumption

Navid Anjum 0

Leave a Reply

Your email address will not be published. Required fields are marked *