laravel-sessions-middleware

📁 smithery/ai 📅 8 days ago

总安装量

周安装量

#44597

全站排名

安装命令

npx skills add https://smithery.ai

Agent 安装分布

antigravity 1

app/Http/
âââ Middleware/         # Custom logic layers
âââ Kernel.php          # Global/Group registration

Session Driver: Use redis or memcached for production/high-density environments.
Middleware Chain: Keep logic granular; one middleware per responsibility.
Global Middleware: Apply via bootstrap/app.php only for true globals (logging, headers).
Security Headers: Standardize headers (HSTS, CSP, X-Frame) via dedicated middleware.
CSRF Protection: Ensure VerifyCsrfToken is active for all web routes.
Session Lifecycle: Use $request->session()->regenerate() after login/privilege changes.

File Streams: No file session driver: Avoid in scaled apps due to I/O locks.
Env direct: No env(‘SESSION_…’): Always use config('session...').
Heavy Bloat: No heavy logic in Middleware: Offload to Services if >10 lines.
Trusting Client: No sensitive data in Cookies: Store in server sessions only.