From bcf445e45f47e2c743de2d40a9ca0c8b4fd3b23c Mon Sep 17 00:00:00 2001 From: he3als <65787561+he3als@users.noreply.github.com> Date: Sun, 17 Nov 2024 13:00:27 +0000 Subject: [PATCH] feat: update config --- config/app.php | 77 +++++++++++++++++++++--------------------- config/auth.php | 37 ++++++++++---------- config/cache.php | 30 ++++++++-------- config/database.php | 50 +++++++++++++++++++++------ config/filesystems.php | 13 +++---- config/logging.php | 36 ++++++++++++-------- config/mail.php | 10 +++--- config/queue.php | 42 +++++++++++++++-------- config/sanctum.php | 3 +- config/services.php | 18 ++++++---- config/session.php | 76 +++++++++++++++++++++++++---------------- 11 files changed, 232 insertions(+), 160 deletions(-) diff --git a/config/app.php b/config/app.php index 980604421..4eaea69a1 100644 --- a/config/app.php +++ b/config/app.php @@ -18,9 +18,10 @@ return [ | Application Name |-------------------------------------------------------------------------- | - | This value is the name of your application. This value is used when the + | This value is the name of your application, which will be used when the | framework needs to place the application's name in a notification or - | any other location as required by the application or its packages. + | other UI elements where an application name needs to be displayed. + | */ 'name' => env('APP_NAME', 'Pyrodactyl'), @@ -32,7 +33,7 @@ return [ | | This value determines the "environment" your application is currently | running in. This may determine how you prefer to configure various - | services your application utilizes. Set this in your ".env" file. + | services the application utilizes. Set this in your ".env" file. | */ @@ -49,7 +50,7 @@ return [ | */ - 'debug' => env('APP_DEBUG', false), + 'debug' => (bool) env('APP_DEBUG', false), /* |-------------------------------------------------------------------------- @@ -58,7 +59,7 @@ return [ | | This URL is used by the console to properly generate URLs when using | the Artisan command line tool. You should set this to the root of - | your application so that it is used when running Artisan tasks. + | the application so that it's available within Artisan commands. | */ @@ -70,8 +71,8 @@ return [ |-------------------------------------------------------------------------- | | Here you may specify the default timezone for your application, which - | will be used by the PHP date and date-time functions. We have gone - | ahead and set this to a sensible default for you out of the box. + | will be used by the PHP date and date-time functions. The timezone + | is set to "UTC" by default as it is suitable for most use cases. | */ @@ -83,55 +84,36 @@ return [ |-------------------------------------------------------------------------- | | The application locale determines the default locale that will be used - | by the translation service provider. You are free to set this value - | to any of the locales which will be supported by the application. + | by Laravel's translation / localization methods. This option can be + | set to any locale for which you plan to have translation strings. | */ 'locale' => env('APP_LOCALE', 'en'), - /* - |-------------------------------------------------------------------------- - | Application Fallback Locale - |-------------------------------------------------------------------------- - | - | The fallback locale determines the locale to use when the current one - | is not available. You may change the value to correspond to any of - | the language folders that are provided through your application. - | - */ + 'fallback_locale' => env('APP_FALLBACK_LOCALE', 'en'), - 'fallback_locale' => 'en', + 'faker_locale' => env('APP_FAKER_LOCALE', 'en_US'), /* |-------------------------------------------------------------------------- | Encryption Key |-------------------------------------------------------------------------- | - | This key is used by the Illuminate encrypter service and should be set - | to a random, 32 character string, otherwise these encrypted strings - | will not be safe. Please do this before deploying an application! + | This key is utilized by Laravel's encryption services and should be set + | to a random, 32 character string to ensure that all encrypted values + | are secure. You should do this prior to deploying the application. | */ - 'key' => env('APP_KEY'), - 'cipher' => 'AES-256-CBC', - /* - |-------------------------------------------------------------------------- - | Exception Reporter Configuration - |-------------------------------------------------------------------------- - | - | If you're encountering weird behavior with the Panel and no exceptions - | are being logged try changing the environment variable below to be true. - | This will override the default "don't report" behavior of the Panel and log - | all exceptions. This will be quite noisy. - | - */ + 'key' => env('APP_KEY'), - 'exceptions' => [ - 'report_all' => env('APP_REPORT_ALL_EXCEPTIONS', false), + 'previous_keys' => [ + ...array_filter( + explode(',', env('APP_PREVIOUS_KEYS', '')) + ), ], /* @@ -148,7 +130,24 @@ return [ */ 'maintenance' => [ - 'driver' => 'file', + 'driver' => env('APP_MAINTENANCE_DRIVER', 'file'), + 'store' => env('APP_MAINTENANCE_STORE', 'database'), + ], + + /* + |-------------------------------------------------------------------------- + | Exception Reporter Configuration + |-------------------------------------------------------------------------- + | + | If you're encountering weird behavior with the Panel and no exceptions + | are being logged try changing the environment variable below to be true. + | This will override the default "don't report" behavior of the Panel and log + | all exceptions. This will be quite noisy. + | + */ + + 'exceptions' => [ + 'report_all' => env('APP_REPORT_ALL_EXCEPTIONS', false), ], /* diff --git a/config/auth.php b/config/auth.php index 21e6be7b2..76db06571 100644 --- a/config/auth.php +++ b/config/auth.php @@ -11,6 +11,7 @@ return [ | password incorrectly. | */ + 'lockout' => [ 'time' => 2, 'attempts' => 3, @@ -21,8 +22,8 @@ return [ | Authentication Defaults |-------------------------------------------------------------------------- | - | This option controls the default authentication "guard" and password - | reset options for your application. You may change these defaults + | This option defines the default authentication "guard" and password + | reset "broker" for your application. You may change these values | as required, but they're a perfect start for most applications. | */ @@ -39,11 +40,11 @@ return [ | | Next, you may define every authentication guard for your application. | Of course, a great default configuration has been defined for you - | here which uses session storage and the Eloquent user provider. + | which utilizes session storage plus the Eloquent user provider. | - | All authentication drivers have a user provider. This defines how the + | All authentication guards have a user provider, which defines how the | users are actually retrieved out of your database or other storage - | mechanisms used by this application to persist your user's data. + | system used by the application. Typically, Eloquent is utilized. | | Supported: "session", "token" | @@ -66,12 +67,12 @@ return [ | User Providers |-------------------------------------------------------------------------- | - | All authentication drivers have a user provider. This defines how the + | All authentication guards have a user provider, which defines how the | users are actually retrieved out of your database or other storage - | mechanisms used by this application to persist your user's data. + | system used by the application. Typically, Eloquent is utilized. | | If you have multiple user tables or models you may configure multiple - | sources which represent each model / table. These sources may then + | providers to represent the model / table. These providers may then | be assigned to any extra authentication guards you have defined. | | Supported: "database", "eloquent" @@ -90,18 +91,18 @@ return [ | Resetting Passwords |-------------------------------------------------------------------------- | - | Here you may set the options for resetting passwords including the view - | that is your password reset e-mail. You may also set the name of the - | table that maintains all of the reset tokens for your application. + | These configuration options specify the behavior of Laravel's password + | reset functionality, including the table utilized for token storage + | and the user provider that is invoked to actually retrieve users. | - | You may specify multiple password reset configurations if you have more - | than one user table or model in the application and you want to have - | separate password reset settings based on the specific user types. - | - | The expire time is the number of minutes that the reset token should be + | The expiry time is the number of minutes that each reset token will be | considered valid. This security feature keeps tokens short-lived so | they have less time to be guessed. You may change this as needed. | + | The throttle setting is the number of seconds a user must wait before + | generating more password reset tokens. This prevents the user from + | quickly generating a very large amount of password reset tokens. + | */ 'passwords' => [ @@ -119,10 +120,10 @@ return [ |-------------------------------------------------------------------------- | | Here you may define the amount of seconds before a password confirmation - | times out and the user is prompted to re-enter their password via the + | window expires and users are asked to re-enter their password via the | confirmation screen. By default, the timeout lasts for three hours. | */ - 'password_timeout' => 10800, + 'password_timeout' => env('AUTH_PASSWORD_TIMEOUT', 10800), ]; diff --git a/config/cache.php b/config/cache.php index 14b00b51b..ce38d7983 100644 --- a/config/cache.php +++ b/config/cache.php @@ -8,13 +8,13 @@ return [ | Default Cache Store |-------------------------------------------------------------------------- | - | This option controls the default cache connection that gets used while - | using this caching library. This connection is used when another is - | not explicitly specified when executing a given caching function. + | This option controls the default cache store that will be used by the + | framework. This connection is utilized if another isn't explicitly + | specified when running a cache operation inside the application. | */ - 'default' => env('CACHE_DRIVER', 'redis'), + 'default' => env('CACHE_STORE', env('CACHE_DRIVER', 'redis')), /* |-------------------------------------------------------------------------- @@ -25,16 +25,12 @@ return [ | well as their drivers. You may even define multiple stores for the | same cache driver to group types of items stored in your caches. | - | Supported drivers: "apc", "array", "database", "file", - | "memcached", "redis", "dynamodb", "octane", "null" + | Supported drivers: "array", "database", "file", "memcached", + | "redis", "octane", "null" | */ 'stores' => [ - 'apc' => [ - 'driver' => 'apc', - ], - 'array' => [ 'driver' => 'array', 'serialize' => false, @@ -42,14 +38,16 @@ return [ 'database' => [ 'driver' => 'database', - 'table' => 'cache', - 'connection' => null, - 'lock_connection' => null, + 'connection' => env('DB_CACHE_CONNECTION'), + 'table' => env('DB_CACHE_TABLE', 'cache'), + 'lock_connection' => env('DB_CACHE_LOCK_CONNECTION'), + 'lock_table' => env('DB_CACHE_LOCK_TABLE'), ], 'file' => [ 'driver' => 'file', 'path' => storage_path('framework/cache/data'), + 'lock_path' => storage_path('framework/cache/data'), ], 'memcached' => [ @@ -60,7 +58,7 @@ return [ env('MEMCACHED_PASSWORD'), ], 'options' => [ - // Memcached::OPT_CONNECT_TIMEOUT => 2000, + // Memcached::OPT_CONNECT_TIMEOUT => 2000, ], 'servers' => [ [ @@ -73,8 +71,8 @@ return [ 'redis' => [ 'driver' => 'redis', - 'connection' => 'default', - 'lock_connection' => 'default', + 'connection' => env('REDIS_CACHE_CONNECTION', 'default'), + 'lock_connection' => env('REDIS_CACHE_LOCK_CONNECTION', 'default'), ], 'sessions' => [ diff --git a/config/database.php b/config/database.php index b3a460ba2..6b1a18f10 100644 --- a/config/database.php +++ b/config/database.php @@ -10,8 +10,9 @@ return [ |-------------------------------------------------------------------------- | | Here you may specify which of the database connections below you wish - | to use as your default connection for all database work. Of course - | you may use many connections at once using the Database library. + | to use as your default connection for database operations. This is + | the connection which will be utilized unless another connection + | is explicitly specified when you execute a query / statement. | */ @@ -36,18 +37,44 @@ return [ 'connections' => [ 'mysql' => [ 'driver' => 'mysql', - 'url' => env('DATABASE_URL'), + 'url' => env('DB_URL', env('DATABASE_URL')), 'host' => env('DB_HOST', '127.0.0.1'), 'port' => env('DB_PORT', '3306'), 'database' => env('DB_DATABASE', 'panel'), 'username' => env('DB_USERNAME', 'pterodactyl'), 'password' => env('DB_PASSWORD', ''), 'unix_socket' => env('DB_SOCKET', ''), - 'charset' => 'utf8mb4', - 'collation' => 'utf8mb4_unicode_ci', + 'charset' => env('DB_CHARSET', 'utf8mb4'), + 'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'), 'prefix' => env('DB_PREFIX', ''), 'prefix_indexes' => true, - 'strict' => env('DB_STRICT_MODE', false), + 'strict' => env('DB_STRICT_MODE', false), // TODO: true by default + 'engine' => null, + 'timezone' => env('DB_TIMEZONE', Time::getMySQLTimezoneOffset(env('APP_TIMEZONE', 'UTC'))), + 'sslmode' => env('DB_SSLMODE', 'prefer'), + 'options' => extension_loaded('pdo_mysql') ? array_filter([ + PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'), + PDO::MYSQL_ATTR_SSL_CERT => env('MYSQL_ATTR_SSL_CERT'), + PDO::MYSQL_ATTR_SSL_KEY => env('MYSQL_ATTR_SSL_KEY'), + PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => env('MYSQL_ATTR_SSL_VERIFY_SERVER_CERT', true), + ]) : [], + ], + + 'mariadb' => [ + 'driver' => 'mariadb', + 'url' => env('DB_URL', env('DATABASE_URL')), + 'host' => env('DB_HOST', '127.0.0.1'), + 'port' => env('DB_PORT', '3306'), + 'database' => env('DB_DATABASE', 'panel'), + 'username' => env('DB_USERNAME', 'pterodactyl'), + 'password' => env('DB_PASSWORD', ''), + 'unix_socket' => env('DB_SOCKET', ''), + 'charset' => env('DB_CHARSET', 'utf8mb4'), + 'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'), + 'prefix' => env('DB_PREFIX', ''), + 'prefix_indexes' => true, + 'strict' => env('DB_STRICT_MODE', true), + 'engine' => null, 'timezone' => env('DB_TIMEZONE', Time::getMySQLTimezoneOffset(env('APP_TIMEZONE', 'UTC'))), 'sslmode' => env('DB_SSLMODE', 'prefer'), 'options' => extension_loaded('pdo_mysql') ? array_filter([ @@ -66,11 +93,14 @@ return [ | | This table keeps track of all the migrations that have already run for | your application. Using this information, we can determine which of - | the migrations on disk haven't actually been run in the database. + | the migrations on disk haven't actually been run on the database. | */ - 'migrations' => 'migrations', + 'migrations' => [ + 'table' => 'migrations', + 'update_date_on_publish' => true, + ], /* |-------------------------------------------------------------------------- @@ -78,8 +108,8 @@ return [ |-------------------------------------------------------------------------- | | Redis is an open source, fast, and advanced key-value store that also - | provides a richer set of commands than a typical key-value systems - | such as APC or Memcached. Laravel makes it easy to dig right in. + | provides a richer body of commands than a typical key-value system + | such as Memcached. You may define your connection settings here. | */ diff --git a/config/filesystems.php b/config/filesystems.php index 012bd30b0..917a75681 100644 --- a/config/filesystems.php +++ b/config/filesystems.php @@ -8,7 +8,7 @@ return [ | | Here you may specify the default filesystem disk that should be used | by the framework. The "local" disk, as well as a variety of cloud - | based disks are available to your application. Just store away! + | based disks are available to your application for file storage. | */ @@ -19,18 +19,19 @@ return [ | Filesystem Disks |-------------------------------------------------------------------------- | - | Here you may configure as many filesystem "disks" as you wish, and you - | may even configure multiple disks of the same driver. Defaults have - | been set up for each driver as an example of the required values. + | Below you may configure as many filesystem disks as necessary, and you + | may even configure multiple disks for the same driver. Examples for + | most supported storage drivers are configured here for reference. | - | Supported Drivers: "local", "ftp", "sftp", "s3" + | Supported drivers: "local", "ftp", "sftp", "s3" | */ 'disks' => [ 'local' => [ 'driver' => 'local', - 'root' => storage_path('app'), + 'root' => storage_path('app/private'), + 'serve' => true, 'throw' => false, ], diff --git a/config/logging.php b/config/logging.php index b2cdb82da..4a7a9e0a5 100644 --- a/config/logging.php +++ b/config/logging.php @@ -3,6 +3,7 @@ use Monolog\Handler\NullHandler; use Monolog\Handler\StreamHandler; use Monolog\Handler\SyslogUdpHandler; +use Monolog\Processor\PsrLogMessageProcessor; return [ /* @@ -10,9 +11,9 @@ return [ | Default Log Channel |-------------------------------------------------------------------------- | - | This option defines the default log channel that gets used when writing - | messages to the logs. The name specified in this option should match - | one of the channels defined in the "channels" configuration array. + | This option defines the default log channel that is utilized to write + | messages to your logs. The value provided here should match one of + | the channels present in the list of "channels" configured below. | */ @@ -31,7 +32,7 @@ return [ 'deprecations' => [ 'channel' => env('LOG_DEPRECATIONS_CHANNEL', 'null'), - 'trace' => false, + 'trace' => env('LOG_DEPRECATIONS_TRACE', false), ], /* @@ -39,20 +40,19 @@ return [ | Log Channels |-------------------------------------------------------------------------- | - | Here you may configure the log channels for your application. Out of - | the box, Laravel uses the Monolog PHP logging library. This gives - | you a variety of powerful log handlers / formatters to utilize. + | Here you may configure the log channels for your application. Laravel + | utilizes the Monolog PHP logging library, which includes a variety + | of powerful log handlers and formatters that you're free to use. | - | Available Drivers: "single", "daily", "slack", "syslog", - | "errorlog", "monolog", - | "custom", "stack" + | Available drivers: "single", "daily", "slack", "syslog", + | "errorlog", "monolog", "custom", "stack" | */ 'channels' => [ 'stack' => [ 'driver' => 'stack', - 'channels' => ['single'], + 'channels' => explode(',', env('LOG_STACK', 'single')), 'ignore_exceptions' => false, ], @@ -60,21 +60,24 @@ return [ 'driver' => 'single', 'path' => storage_path('logs/laravel.log'), 'level' => env('LOG_LEVEL', 'debug'), + 'replace_placeholders' => true, ], 'daily' => [ 'driver' => 'daily', 'path' => storage_path('logs/laravel.log'), 'level' => env('LOG_LEVEL', 'debug'), - 'days' => 7, + 'days' => env('LOG_DAILY_DAYS', 7), + 'replace_placeholders' => true, ], 'slack' => [ 'driver' => 'slack', 'url' => env('LOG_SLACK_WEBHOOK_URL'), - 'username' => 'Laravel Log', - 'emoji' => ':boom:', + 'username' => env('LOG_SLACK_USERNAME', 'Laravel Log'), + 'emoji' => env('LOG_SLACK_EMOJI', ':boom:'), 'level' => env('LOG_LEVEL', 'critical'), + 'replace_placeholders' => true, ], 'papertrail' => [ @@ -86,6 +89,7 @@ return [ 'port' => env('PAPERTRAIL_PORT'), 'connectionString' => 'tls://' . env('PAPERTRAIL_URL') . ':' . env('PAPERTRAIL_PORT'), ], + 'processors' => [PsrLogMessageProcessor::class], ], 'stderr' => [ @@ -96,16 +100,20 @@ return [ 'with' => [ 'stream' => 'php://stderr', ], + 'processors' => [PsrLogMessageProcessor::class], ], 'syslog' => [ 'driver' => 'syslog', 'level' => env('LOG_LEVEL', 'debug'), + 'facility' => env('LOG_SYSLOG_FACILITY', LOG_USER), + 'replace_placeholders' => true, ], 'errorlog' => [ 'driver' => 'errorlog', 'level' => env('LOG_LEVEL', 'debug'), + 'replace_placeholders' => true, ], 'null' => [ diff --git a/config/mail.php b/config/mail.php index 71c693cff..a62b40bda 100644 --- a/config/mail.php +++ b/config/mail.php @@ -35,8 +35,8 @@ return [ 'mailers' => [ 'smtp' => [ 'transport' => 'smtp', - 'host' => env('MAIL_HOST', 'smtp.mailgun.org'), - 'port' => env('MAIL_PORT', 587), + 'host' => env('MAIL_HOST', '127.0.0.1'), + 'port' => env('MAIL_PORT', 2525), 'encryption' => env('MAIL_ENCRYPTION', 'tls'), 'username' => env('MAIL_USERNAME'), 'password' => env('MAIL_PASSWORD'), @@ -84,9 +84,9 @@ return [ | Global "From" Address |-------------------------------------------------------------------------- | - | You may wish for all e-mails sent by your application to be sent from - | the same address. Here, you may specify a name and address that is - | used globally for all e-mails that are sent by your application. + | You may wish for all emails sent by your application to be sent from + | the same address. Here you may specify a name and address that is + | used globally for all emails that are sent by your application. | */ diff --git a/config/queue.php b/config/queue.php index 74da2e825..797be395c 100644 --- a/config/queue.php +++ b/config/queue.php @@ -6,9 +6,9 @@ return [ | Default Queue Connection Name |-------------------------------------------------------------------------- | - | Laravel's queue API supports an assortment of back-ends via a single - | API, giving you convenient access to each back-end using the same - | syntax for every one. Here you may define a default connection. + | Laravel's queue supports a variety of backends via a single, unified + | API, giving you convenient access to each backend using identical + | syntax for each. The default queue connection is defined below. | */ @@ -19,9 +19,11 @@ return [ | Queue Connections |-------------------------------------------------------------------------- | - | Here you may configure the connection information for each server that - | is used by your application. A default configuration has been added - | for each back-end shipped with Laravel. You are free to add more. + | Here you may configure the connection options for every queue backend + | used by your application. An example configuration is provided for + | each backend supported by Laravel. You're also free to add more. + | + | Drivers: "sync", "database", "beanstalkd", "sqs", "redis", "null" | */ @@ -32,9 +34,19 @@ return [ 'database' => [ 'driver' => 'database', - 'table' => 'jobs', - 'queue' => env('QUEUE_STANDARD', 'standard'), - 'retry_after' => 90, + 'connection' => env('DB_QUEUE_CONNECTION'), + 'table' => env('DB_QUEUE_TABLE', 'jobs'), + 'queue' => env('DB_QUEUE', 'standard'), + 'retry_after' => (int) env('DB_QUEUE_RETRY_AFTER', 90), + 'after_commit' => false, + ], + + 'beanstalkd' => [ + 'driver' => 'beanstalkd', + 'host' => env('BEANSTALKD_QUEUE_HOST', 'localhost'), + 'queue' => env('BEANSTALKD_QUEUE', 'default'), + 'retry_after' => (int) env('BEANSTALKD_QUEUE_RETRY_AFTER', 90), + 'block_for' => 0, 'after_commit' => false, ], @@ -43,7 +55,7 @@ return [ 'key' => env('AWS_ACCESS_KEY_ID'), 'secret' => env('AWS_SECRET_ACCESS_KEY'), 'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'), - 'queue' => env('SQS_QUEUE', env('QUEUE_STANDARD', 'standard')), + 'queue' => env('SQS_QUEUE', 'default'), 'suffix' => env('SQS_SUFFIX'), 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 'after_commit' => false, @@ -51,9 +63,9 @@ return [ 'redis' => [ 'driver' => 'redis', - 'connection' => 'default', + 'connection' => env('REDIS_QUEUE_CONNECTION', 'default'), 'queue' => env('REDIS_QUEUE', env('QUEUE_STANDARD', 'standard')), - 'retry_after' => 90, + 'retry_after' => (int) env('REDIS_QUEUE_RETRY_AFTER', 90), 'block_for' => null, 'after_commit' => false, ], @@ -65,8 +77,10 @@ return [ |-------------------------------------------------------------------------- | | These options configure the behavior of failed queue job logging so you - | can control which database and table are used to store the jobs that - | have failed. You may change them to any database / table you wish. + | can control how and where failed jobs are stored. Laravel ships with + | support for storing failed jobs in a simple file or in a database. + | + | Supported drivers: "database-uuids", "dynamodb", "file", "null" | */ diff --git a/config/sanctum.php b/config/sanctum.php index 21129a888..ed34382fe 100644 --- a/config/sanctum.php +++ b/config/sanctum.php @@ -57,7 +57,8 @@ return [ */ 'middleware' => [ - 'verify_csrf_token' => Pterodactyl\Http\Middleware\VerifyCsrfToken::class, + 'authenticate_session' => Laravel\Sanctum\Http\Middleware\AuthenticateSession::class, 'encrypt_cookies' => Pterodactyl\Http\Middleware\EncryptCookies::class, + 'verify_csrf_token' => Pterodactyl\Http\Middleware\VerifyCsrfToken::class, ], ]; diff --git a/config/services.php b/config/services.php index 5cc6e06e2..f8360cd32 100644 --- a/config/services.php +++ b/config/services.php @@ -13,13 +13,6 @@ return [ | */ - 'mailgun' => [ - 'domain' => env('MAILGUN_DOMAIN'), - 'secret' => env('MAILGUN_SECRET'), - 'endpoint' => env('MAILGUN_ENDPOINT', 'api.mailgun.net'), - 'scheme' => 'https', - ], - 'postmark' => [ 'token' => env('POSTMARK_TOKEN'), ], @@ -29,4 +22,15 @@ return [ 'secret' => env('AWS_SECRET_ACCESS_KEY'), 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), ], + + 'resend' => [ + 'key' => env('RESEND_KEY'), + ], + + 'slack' => [ + 'notifications' => [ + 'bot_user_oauth_token' => env('SLACK_BOT_USER_OAUTH_TOKEN'), + 'channel' => env('SLACK_BOT_USER_DEFAULT_CHANNEL'), + ], + ], ]; diff --git a/config/session.php b/config/session.php index d8fb98a09..6b684ceef 100644 --- a/config/session.php +++ b/config/session.php @@ -8,9 +8,9 @@ return [ | Default Session Driver |-------------------------------------------------------------------------- | - | This option controls the default session "driver" that will be used on - | requests. By default, we will use the lightweight native driver but - | you may specify any of the other wonderful drivers provided here. + | This option determines the default session driver that is utilized for + | incoming requests. Laravel supports a variety of storage options to + | persist session data. Database storage is a great default choice. | | Supported: "file", "cookie", "database", "apc", | "memcached", "redis", "dynamodb", "array" @@ -26,13 +26,14 @@ return [ | | Here you may specify the number of minutes that you wish the session | to be allowed to remain idle before it expires. If you want them - | to immediately expire on the browser closing, set that option. + | to expire immediately when the browser is closed then you may + | indicate that via the expire_on_close configuration option. | */ 'lifetime' => env('SESSION_LIFETIME', 720), - 'expire_on_close' => false, + 'expire_on_close' => env('SESSION_EXPIRE_ON_CLOSE', false), /* |-------------------------------------------------------------------------- @@ -40,21 +41,21 @@ return [ |-------------------------------------------------------------------------- | | This option allows you to easily specify that all of your session data - | should be encrypted before it is stored. All encryption will be run - | automatically by Laravel and you can use the Session like normal. + | should be encrypted before it's stored. All encryption is performed + | automatically by Laravel and you may use the session like normal. | */ - 'encrypt' => true, + 'encrypt' => env('SESSION_ENCRYPT', true), /* |-------------------------------------------------------------------------- | Session File Location |-------------------------------------------------------------------------- | - | When using the native session driver, we need a location where session - | files may be stored. A default has been set for you but a different - | location may be specified. This is only needed for file sessions. + | When utilizing the "file" session driver, the session files are placed + | on disk. The default storage location is defined here; however, you + | are free to provide another location where they should be stored. | */ @@ -78,22 +79,22 @@ return [ | Session Database Table |-------------------------------------------------------------------------- | - | When using the "database" session driver, you may specify the table we - | should use to manage the sessions. Of course, a sensible default is - | provided for you; however, you are free to change this as needed. + | When using the "database" session driver, you may specify the table to + | be used to store sessions. Of course, a sensible default is defined + | for you; however, you're welcome to change this to another table. | */ - 'table' => 'sessions', + 'table' => env('SESSION_TABLE', 'sessions'), /* |-------------------------------------------------------------------------- | Session Cache Store |-------------------------------------------------------------------------- | - | While using one of the framework's cache driven session backends you may - | list a cache store that should be used for these sessions. This value - | must match with one of the application's configured cache "stores". + | When using one of the framework's cache driven session backends, you may + | define the cache store which should be used to store the session data + | between requests. This must match one of your defined cache stores. | | Affects: "apc", "dynamodb", "memcached", "redis" | @@ -119,9 +120,9 @@ return [ | Session Cookie Name |-------------------------------------------------------------------------- | - | Here you may change the name of the cookie used to identify a session - | instance by ID. The name specified here will get used every time a - | new session cookie is created by the framework for every driver. + | Here you may change the name of the session cookie that is created by + | the framework. Typically, you should not need to change this value + | since doing so does not grant a meaningful security improvement. | */ @@ -137,20 +138,20 @@ return [ | | The session cookie path determines the path for which the cookie will | be regarded as available. Typically, this will be the root path of - | your application but you are free to change this when necessary. + | your application, but you're free to change this when necessary. | */ - 'path' => '/', + 'path' => env('SESSION_PATH', '/'), /* |-------------------------------------------------------------------------- | Session Cookie Domain |-------------------------------------------------------------------------- | - | Here you may change the domain of the cookie used to identify a session - | in your application. This will determine which domains the cookie is - | available to in your application. A sensible default has been set. + | This value determines the domain and subdomains the session cookie is + | available to. By default, the cookie will be available to the root + | domain and all subdomains. Typically, this shouldn't be changed. | */ @@ -176,11 +177,11 @@ return [ | | Setting this value to true will prevent JavaScript from accessing the | value of the cookie and the cookie will only be accessible through - | the HTTP protocol. You are free to modify this option if needed. + | the HTTP protocol. It's unlikely you should disable this option. | */ - 'http_only' => true, + 'http_only' => env('SESSION_HTTP_ONLY', true), /* |-------------------------------------------------------------------------- @@ -189,11 +190,26 @@ return [ | | This option determines how your cookies behave when cross-site requests | take place, and can be used to mitigate CSRF attacks. By default, we - | will set this value to "lax" since this is a secure default value. + | will set this value to "lax" to permit secure cross-site requests. + | + | See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value | | Supported: "lax", "strict", "none", null | */ - 'same_site' => env('SESSION_SAMESITE_COOKIE', 'lax'), + 'same_site' => env('SESSION_SAME_SITE', 'lax'), + + /* + |-------------------------------------------------------------------------- + | Partitioned Cookies + |-------------------------------------------------------------------------- + | + | Setting this value to true will tie the cookie to the top-level site for + | a cross-site context. Partitioned cookies are accepted by the browser + | when flagged "secure" and the Same-Site attribute is set to "none". + | + */ + + 'partitioned' => env('SESSION_PARTITIONED_COOKIE', false), ];