/
session.php
41 lines (29 loc) · 1.07 KB
/
session.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<?php
/**
* This config file contains session configuration, it is used by the "Session::class".
*
* @see \MAKS\Velox\Backend\Session
*/
return [
// PHP session save path, see https://www.php.net/manual/en/function.session-save-path
'path' => '{global.paths.storage}/app/sessions',
// PHP session cache configuration.
'cache' => [
// Cache limiter, see https://www.php.net/manual/en/function.session-cache-limiter
'limiter' => null,
// Cache expiration, see https://www.php.net/manual/en/function.session-cache-expire
'expiration' => null,
],
// CSRF protection.
'csrf' => [
// Input field name that contains the CSRF token.
'name' => '_token',
// HTTP methods that should be checked against CSRF.
'methods' => ['POST', 'PUT', 'PATCH', 'DELETE'],
// Whitelisted hosts and/or IPs that are allowed to pass CSRF check (Hostname has precedence over IP).
'whitelisted' => [
// 'https://domain.tld'
// '127.0.0.1'
],
],
];