search

laravel / framework

The Laravel Framework.
https://laravel.com
MIT License
32.13k stars 10.87k forks source link

No setting for default session cookie name #207

Closed ltsochev-dev closed 11 years ago

ltsochev-dev commented 11 years ago

As the title says, the last beta of Laravel 4 has no configurable option for the default session cookie. The name is hardcoded as "illuminate_session".

taylorotwell commented 11 years ago

Is there a strong reason to make this configurable?

franzliedke commented 11 years ago

Yep - different apps, all on localhost.

ipalaus commented 11 years ago

+1, very useful as @franzliedke said

robclancy commented 11 years ago

Yeah I had to extend to set my own name for when coming to the app from a different subdomain using different auth system.

ltsochev-dev commented 11 years ago

Well its really easy to change it yourself using IoC before filter and Session::setCookieName() but I did lots of code reading to end up there. And there is also some cookie "illuminate_payload" which I have no idea what it is for, I didn't have the time to read that off of the source.But a configurable option seems logical to me o.o Laravel 3 had it :)

taylorotwell commented 11 years ago

Blah, you guys need to use virtual hosts or something. :)

robclancy commented 11 years ago

Well I hacked it to use Cookie and Session in a stateless API situation by making the cookie check for a server header instead... so may not be a use case that comes up often :p

ltsochev-dev commented 11 years ago

I don't see how virtual host would change the name of the session. If that is a way for you guys to advertise the framework, I don't like it. When people check their cookies, I don't want them to see "Illuminate_session" that's all. And It can't be that hard to be made a setting

franzliedke commented 11 years ago

Blah, you guys need to use virtual hosts or something. :)

Ha, I knew you were going to say that. What about shared hosts then? People don't always have that option. I do, too, but sometimes I'm lazy.

alexwhitman commented 11 years ago

We run a lot of apps on the same domain over SSL. We could get SSL certificates for a sub-domain per app but really it's just simpler and cheaper to do it on the same domain.

taylorotwell commented 11 years ago

Fixed.

tkaw220 commented 11 years ago

I'm curious if anyone using Laravel since version 3 running into cookie can't set problem in various version of IE when having underscore in cookie name.

I came across this problem with my project (an ecommerce site built on CI). The problem fixed removing the underscore in cookie name.

While I'm currently porting the project to Laravel, just want to check if I should remove underscore from session cookie as well.