how session id is stored in a cookie on client side
all operation of session handling
How session is used to access dashboard
- Retrieving All Session Data
- Determining If An Item Exists In The Session
- Storing Data
- Flash Data
- Regenerating The Session ID
- Session Blocking
**Sessions **are used to store information about the user across the requests. Laravel provides various drivers like file, cookie, apc, array, Memcached, Redis, and database to handle session data. By default, file driver is used because it is lightweight. Session can be configured in the file stored at config/session.php.
Accessing Session Data
To access the session data, we need an instance of session which can be accessed via HTTP request. After getting the instance, we can use the get() method, which will take one argument, “key”, to get the session data.
$value = $request->session()->get('key');
You can use all() method to get all session data instead of get() method.
Storing Session Data
Data can be stored in session using the put() method. The put() method will take two arguments, the “key” and the “value”.
$request->session()->put('key', 'value');
Deleting Session Data
The forget() method is used to delete an item from the session. This method will take “key” as the argument.
$request->session()->forget('key');
Use flush() method instead of forget() method to delete all session data. Use the pull() method to retrieve data from session and delete it afterwards. The pull() method will also take key as the argument. The difference between the forget() and the pull() method is that forget() method will not return the value of the session and pull() method will return it and delete that value from session.
Example
Step 1 − Create a controller called SessionController by executing the following command.
php artisan make:controller SessionController --plain
Step 2 − After successful execution, you will receive the following output −
SessionController
Step 3 − Copy the following code in a file at
app/Http/Controllers/SessionController.php.
app/Http/Controllers/SessionController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Requests;
use App\Http\Controllers\Controller;
class SessionController extends Controller {
public function accessSessionData(Request $request) {
if($request->session()->has('my_name'))
echo $request->session()->get('my_name');
else
echo 'No data in the session';
}
public function storeSessionData(Request $request) {
$request->session()->put('my_name','Virat Gandhi');
echo "Data has been added to session";
}
public function deleteSessionData(Request $request) {
$request->session()->forget('my_name');
echo "Data has been removed from session.";
}
}
Step 4 − Add the following lines at app/Http/routes.php file.
app/Http/routes.php
Route::get('session/get','SessionController@accessSessionData');
Route::get('session/set','SessionController@storeSessionData');
Route::get('session/remove','SessionController@deleteSessionData');
Step 5 − Visit the following URL to set data in session.
http://localhost:8000/session/set
Step 6 − The output will appear as shown in the following image.
Data in Session
Step 7 − Visit the following URL to get data from session.
http://localhost:8000/session/get
Step 8 − The output will appear as shown in the following image.
Virat Gandhi
Step 9 − Visit the following URL to remove session data.
http://localhost:8000/session/remove
Step 10 − You will see a message as shown in the following image.
Session
Retrieving All Session Data
If you would like to retrieve all the data in the session, you may use the all method:
$data = $request->session()->all();
Determining If An Item Exists In The Session
To determine if an item is present in the session, you may use the has method. The has method returns true if the item is present and is not null:
if ($request->session()->has('users')) {
//
}
To determine if an item is present in the session, even if its value is null, you may use the exists method:
if ($request->session()->exists('users')) {
//
}
To determine if an item is not present in the session, you may use the missing method. The missing method returns true if the item is not present:
if ($request->session()->missing('users')) {
//
}
Storing Data
To store data in the session, you will typically use the request instance's put method or the global session helper:
// Via a request instance...
$request->session()->put('key', 'value');
// Via the global "session" helper...
session(['key' => 'value']);
Pushing To Array Session Values
The push method may be used to push a new value onto a session value that is an array. For example, if the user.teams key contains an array of team names, you may push a new value onto the array like so:
$request->session()->push('user.teams', 'developers');
Retrieving & Deleting An Item
The pull method will retrieve and delete an item from the session in a single statement:
$value = $request->session()->pull('key', 'default');
Incrementing & Decrementing Session Values
If your session data contains an integer you wish to increment or decrement, you may use the increment and decrement methods:
$request->session()->increment('count');
$request->session()->increment('count', $incrementBy = 2);
$request->session()->decrement('count');
$request->session()->decrement('count', $decrementBy = 2);
Flash Data
Sometimes you may wish to store items in the session for the next request. You may do so using the flash method. Data stored in the session using this method will be available immediately and during the subsequent HTTP request. After the subsequent HTTP request, the flashed data will be deleted. Flash data is primarily useful for short-lived status messages:
$request->session()->flash('status', 'Task was successful!');
If you need to persist your flash data for several requests, you may use the reflash method, which will keep all of the flash data for an additional request. If you only need to keep specific flash data, you may use the keep method:
$request->session()->reflash();
$request->session()->keep(['username', 'email']);
To persist your flash data only for the current request, you may use the now method:
$request->session()->now('status', 'Task was successful!');
Regenerating The Session ID
Regenerating the session ID is often done in order to prevent malicious users from exploiting a session fixation attack on your application.
Laravel automatically regenerates the session ID during authentication if you are using one of the Laravel application starter kits or Laravel Fortify; however, if you need to manually regenerate the session ID, you may use the regenerate method:
$request->session()->regenerate();
If you need to regenerate the session ID and remove all data from the session in a single statement, you may use the invalidate method:
$request->session()->invalidate();
Session Blocking
Route::post('/profile', function () {
//
})->block($lockSeconds = 10, $waitSeconds = 10)
Route::post('/order', function () {
//
})->block($lockSeconds = 10, $waitSeconds = 10)
Route::post('/profile', function () {
//
})->block()
how session id is stored in a cookie on client side
all operation of session handling
How session is used to access dashboard
use Illuminate\Http\Request;
class DashboardController extends Controller
{
public function index(Request $request)
{
// Check if the 'user_id' session variable is set
if (isset($request->session()->get('user_id'))) {
// User is authenticated, allow access to the dashboard
return view('dashboard');
} else {
// User is not authenticated, redirect to the login page
return redirect('/login');
}
}
}
Top comments (0)