[英]Laravel: set-cookie on EVERY request
我正在使用Laravel一段時間,但我對一件事有疑問。 Laravel為每個請求設置cookie。 無論用戶是否登錄。
我認為這不是Laravel的正常行為。 用戶登錄后,我們無需為每個請求都為其創建新會話。 我們要不要? 那么,為什么laravel為用戶發送的每個請求生成新的會話和csrf令牌? 並且它也為來賓用戶生成這些會話和令牌,這是完全不必要和無用的。
我怎么能阻止這個?
我使用Laravel 5.2和File作為會話驅動程序。
這是我的路線和中間件的示例:
路線:
<?php
Route::get('/login', 'UserController@login');
Route::post('/login', 'UserController@postLogin');
Route::get('/link/{link}', 'HomeController@link');
$router->group(['middleware' => ['auth']], function() {
Route::get('/', 'HomeController@index');
Route::post('/', 'HomeController@postindex');
Route::get('/home', 'HomeController@index');
Route::post('/home', 'HomeController@postindex');
Route::get('user/{username}', 'UserController@user_info');
Route::post('user/{username}', 'UserController@post_user_info');
Route::get('/logout', 'UserController@logout');
});
$router->group(['middleware' => ['auth', 'role:2']], function() {
Route::get('/tools/register', 'UserController@register');
Route::post('/tools/register', 'UserController@postregister');
Route::get('/tools/users', 'AdminController@users');
Route::post('/tools/users', 'AdminController@post_users');
});
Route::controllers([
'password' => 'Auth\PasswordController',
]);
Kernel.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
];
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'role' => \App\Http\Middleware\Role::class,
];
}
我沒有檢查,但是您的路由可能位於默認的“ Web”中間件組中,該組默認具有session / cookies / csrf。
是否有可能擺脫Set-Cookie中的laravel_session請求?
[英]Is it possible to get rid of laravel_session in Set-Cookie of a request?
在 Docker 上運行的 Laravel 未在 HTTP 響應中發送任何 set-cookie
[英]Laravel running on Docker is not sending any set-cookie in HTTP response
如何在 Chrome 中修復“此 Set-Cookie 由於用戶偏好而被阻止”? (Stackoverflow SSO 登錄/Ajax CORS 請求)
[英]How to fix "This Set-Cookie was blocked due to user preferences" in Chrome? (Stackoverflow SSO Login / Ajax CORS request)
Angular 5 - 盡管(Set-Cookie)在響應標頭中,但已設置 Cookie
[英]Angular 5 - Cookie is set although (Set-Cookie) is in the response header
使用 header(“Set-cookie”) 與 setcookie() 函數設置 cookie
[英]Setting cookie using header(“Set-cookie”) vs setcookie() function
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.