Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Session
Assessments

Session Laravel Package

illuminate/session

Illuminate Session provides Laravel’s session management layer, including session stores, handlers, middleware support, flash data, and CSRF-friendly session integration. Use it to persist user state across requests with a consistent API, in Laravel or standalone.

View on GitHub
Deep Wiki
Context7

Getting Started

Start by installing illuminate/session via Composer, then register its service provider and facade aliases manually (e.g., SessionServiceProvider) if using Laravel outside the full framework. For typical Laravel apps, it’s already bundled and auto-configured—no extra setup needed. The first use case is storing small, user-specific data across requests: Session::put('key', 'value'); $value = Session::get('key');. Check config/session.php (Laravel) or build your own config to set driver (file, database, redis, array, or custom).

Implementation Patterns

  • Flash messages: Use Session::flash('status', 'Saved!') for one-time notifications (e.g., form confirmations), accessible only in the next request.
  • Atomic operations: Leverage Session::pull('key') to retrieve and delete in one call, or Session::increment('counter') / Session::decrement() for simple counters.
  • Custom drivers: Implement SessionHandlerInterface and register via Session::extend('custom', fn() => new CustomHandler), useful for Redis, DynamoDB, or encrypted payloads.
  • Bagging related data: Group state with Session::put('user.preferences.theme', 'dark') or use Session::push('alerts', $message) to append to arrays.
  • Middleware integration: Access session in route middleware to persist redirects (Redirect::intended()) or store previous URLs (Session::put('url.intended', Request::url())).

Gotchas and Tips

  • Driver mismatch: The array driver resets session data on every request—never use in production. file requires writable storage; database needs the sessions table (php artisan session:table && php artisan migrate).
  • Concurrent requests: Session locking (via driver) prevents race conditions. If using file or database, long-running requests block other requests for the same session. Consider Session::save() after critical writes, or switch to Redis for better concurrency.
  • Serialization caveats: Complex objects are serialized—ensure classes are autoloadable and stable (e.g., avoid anonymous classes). Laravel uses serialize()/unserialize() unless config specifies json.
  • ** CSRF & session binding**: Laravel binds CSRF token to session; clearing session invalidates tokens. Regenerate token sparingly (Session::regenerateToken()), not on every request.
  • Testing tip: In feature tests, Session::flush() or Session::start() manually if isolation matters—Laravel clears session per test, but not always when using Session::instance().
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
davejamesmiller/laravel-breadcrumbs
artisanry/parsedown
christhompsontldr/phpsdk
enqueue/dsn
bunny/bunny
enqueue/test
enqueue/null
enqueue/amqp-tools
milesj/emojibase
bower-asset/punycode
bower-asset/inputmask
bower-asset/jquery
bower-asset/yii2-pjax
laravel/nova
spatie/laravel-mailcoach
spatie/laravel-superseeder
laravel/liferaft
nst/json-test-suite
danielmiessler/sec-lists
jackalope/jackalope-transport