位置:app/Http/Kernel.php
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
关键位置:
\Illuminate\Session\Middleware\StartSession::class
顺便提一下 \App\Http\Middleware\EncryptCookies::class
类
这个是加密解密cookie,保证数据完整性的逻辑代码部分,准备另起一篇cookie加密解密和保证数据完整性(不被篡改)进行记录
关键代码:handle
方法
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (! $this->sessionConfigured()) {
return $next($request);
}
// If a session driver has been configured, we will need to start the session here
// so that the data is ready for an application. Note that the Laravel sessions
// do not make use of PHP "native" sessions in any way since they are crappy.
$request->setLaravelSession(
$session = $this->startSession($request)
);
$this->collectGarbage($session);
$response = $next($request);
$this->storeCurrentUrl($request, $session);
$this->addCookieToResponse($response, $session);
// Again, if the session has been configured we will need to close out the session
// so that the attributes may be persisted to some storage medium. We will also
// add the session identifier cookie to the application response headers now.
$this->saveSession($request);
return $response;
}
从请求的cookie字段获取session文件名(sessionID)
$request->setLaravelSession(
$session = t h i s − > s t a r t S e s s i o n ( this->startSession( this−>startSession(request)
);
/**
* Start the session for the given request.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Contracts\Session\Session
*/
protected function startSession(Request $request)
{
return tap($this->getSession($request), function ($session) use ($request) {
$session->setRequestOnHandler($request);
$session->start();
});
}
/**
* Get the session implementation from the manager.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Contracts\Session\Session
*/
public function getSession(Request $request)
{
return tap($this->manager->driver(), function ($session) use ($request) {
$session->setId($request->cookies->get($session->getName()));
});
}
$this->manager->driver()
返回是object(Illuminate\Session\Store)
;
关键代码:
$this->saveSession($request);
- 1
/**
* Save the session data to storage.
*
* @param \Illuminate\Http\Request $request
* @return void
*/
protected function saveSession($request)
{
$this->manager->driver()->save();
}
这里是存储session数据, $this->manager->driver()
是vendor/laravel/framework/src/Illuminate/Session/FileSessionHandler.php
实体类
这个类自定义了所有关于session存取逻辑,
session存储数据(未序列化情况)
array(5) {
["_token"]=>
string(40) "kgPstXl3vtLj2qvCCZczYppGO8FNhx6E4PAQxgZf"
["url"]=>
array(0) {
}
["_previous"]=>
array(1) {
["url"]=>
string(32) "http://www.laravellearn.xyz/home"
}
["_flash"]=>
array(2) {
["old"]=>
array(0) {
}
["new"]=>
array(0) {
}
}
["login_web_59ba36addc2b2f9401580f014c7f58ea4e30989d"]=>
int(6) //登录用户数据库字段主键值
}
未登录情况下没有login_web_.sha1(static::class)
字段,login_web_sha1(static::class)
用于用户的相关认证
待续。。。
如有不正确的请指正