Session :We can set the session data with two ways.
i. Golbal Session helper : global[‘key’=>’value’]
ii. Via Request Instance : $request->session()->put(‘key’,’value’)
Also we can get the session data using two ways
Global session: session(‘key’)
$request->session()->get('key');
Retrieve all session data:
$request->session()->all();
Result:
{"key":"value","_token":"KHQeOmBtAjxXeBJ2blh6JD1T6G5leGP1Xo6kU81F","_previous":{"url":"http:\/\/127.0.0.1:8000"},"_flash":{"old":[],"new":[]}}
then,we check to see if an item exits:
In route setting some key for session using global session helper.
session(['key' => 'value']); session(['users'=>'']);
When we use has method with session() it will return true if user present in session .
if ($request->session()->has('user'))
{
return $request-session()->get(‘user’);
}
else if ($request->session()->has('key'))
{
return $request->session()->get('key');
}
Result will be “value” as it will not return anything if a key’s value is null.We can also do this with exist method
if($request->session()->exists('users'))
{
return "User :".$request->session()->get('users');
}
else if($request->session()->exists('key'))
{
return "Key :".$request->session()->get('key');
}
But this time the result will come from ‘users’ key as it will return the value even if the key is null value.
Missing Method:
Using missing with session we can determine if a key is missing
if ($request->session()->missing('kkk'))
{
return 'missing';
}
Setting and getting new value to session array using put
$request->session()->put('key2','val2');
return $request->session()->pull('key2');
But
$request->session()->put('key2','val2');
$request->session()->pull('key2');
if ($request->session()->has('key2'))
{
return 'user';
}
else
{
return 'missing key2';
}
The result will be ‘missing key2’ as pull not only retrieve the key but also delete the key.
Incrementing and decrementing:
We can increment and decrement the session value
echo $request->session()->increment('key5');
return $request->session()->increment('key5');
$request->session()->decrement('count');
Result will 1 for first statement , 2 for second statement and 1 for last statement.
Note; When we use increment, decrement, it will automatically set the session value for us.
Flash Data:If we want to set the for next request then have to save the data using flash.
$request->session()->flash(‘key’,’val’);
Deleting Session data:
$request->session()->forget(‘key’);
To remove all data we have to use flash()
$request->session_>flash();
Session Fixation : When an attacker hijack a valid user session is called Session Fixation.
Regenerating The session ID:
To prevent session fixation we have to regenerate session id . Laravel automatically regenerates the session ID during authentication we we use one of the Laravel application starter kits or Laravel Fortify. Otherwise we have to do it manually
$request->session()->regenerate();
We also can regenerate() the session and remove all session data with it using below code
$request->session()->invalidate();