├── .editorconfig ├── src ├── Providers │ └── SessionServiceProvider.php └── Middleware │ └── StartSession.php ├── composer.json ├── LICENSE.md └── README.md /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | end_of_line = lf 6 | indent_size = 4 7 | indent_style = space 8 | insert_final_newline = true 9 | trim_trailing_whitespace = true 10 | -------------------------------------------------------------------------------- /src/Providers/SessionServiceProvider.php: -------------------------------------------------------------------------------- 1 | registerSessionManager(); 15 | 16 | $this->registerSessionDriver(); 17 | 18 | $this->app->singleton("Kevinsimard\CookielessSession\Middleware\StartSession"); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "kevinsimard/laravel-cookieless-session", 3 | "description": "Laravel middleware to start a cookieless session", 4 | "keywords": ["laravel", "cookieless", "session", "token"], 5 | "license": "MIT", 6 | "authors": [ 7 | { 8 | "name": "Kevin Simard", 9 | "email": "kev.simard@gmail.com" 10 | } 11 | ], 12 | "require": { 13 | "illuminate/http": "5.2.*|5.3.*" 14 | }, 15 | "autoload": { 16 | "psr-4": { 17 | "Kevinsimard\\CookielessSession\\": "src/" 18 | } 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) Kevin Simard 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in 13 | all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | THE SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Laravel Cookieless Session Middleware 2 | 3 | All you need to do is to add the following key `X-Session-Token` to your requests" headers to load sessions. 4 | 5 | ## Installation 6 | 7 | Replace the original start session middleware in `app/Http/Kernel.php`. 8 | 9 | ```php 10 | [ 31 | ... 32 | //"Illuminate\Session\SessionServiceProvider", 33 | "Kevinsimard\CookielessSession\Providers\SessionServiceProvider", 34 | ... 35 | ], 36 | ``` 37 | 38 | ## Code Structure 39 | 40 | ├── src 41 | │   └── Kevinsimard 42 | │   └── CookielessSession 43 | │   ├── Middleware 44 | │   │   └── StartSession.php 45 | │   └── Providers 46 | │   └── SessionServiceProvider.php 47 | ├── .editorconfig 48 | ├── .gitattributes 49 | ├── .gitignore 50 | ├── LICENSE.md 51 | ├── README.md 52 | └── composer.json 53 | 54 | ## License 55 | 56 | This package is open-sourced software licensed under the [MIT license](http://opensource.org/licenses/MIT). 57 | -------------------------------------------------------------------------------- /src/Middleware/StartSession.php: -------------------------------------------------------------------------------- 1 | sessionHandled = true; 19 | 20 | // If a session driver has been configured, we will need to start the session here 21 | // so that the data is ready for an application. Note that the Laravel sessions 22 | // do not make use of PHP "native" sessions in any way since they are crappy. 23 | if ($this->sessionConfigured()) { 24 | $session = $this->startSession($request); 25 | 26 | $request->setSession($session); 27 | } 28 | 29 | $response = $next($request); 30 | 31 | // Again, if the session has been configured we will need to close out the session 32 | // so that the attributes may be persisted to some storage medium. We will also 33 | // add the session identifier to the application response headers now. 34 | if ($this->sessionConfigured()) { 35 | $this->storeCurrentUrl($request, $session); 36 | $this->collectGarbage($session); 37 | $this->addIdentifierToResponse($response, $session); 38 | } 39 | 40 | return $response; 41 | } 42 | 43 | /** 44 | * {@inheritdoc} 45 | */ 46 | public function getSession(Request $request) 47 | { 48 | $sessionToken = $request->headers->get("X-Session-Token", 49 | $request->input("_session-token")); 50 | 51 | $session = $this->manager->driver(); 52 | $session->setId($sessionToken); 53 | 54 | return $session; 55 | } 56 | 57 | /** 58 | * {@inheritdoc} 59 | */ 60 | protected function addIdentifierToResponse(Response $response, SessionInterface $session) 61 | { 62 | if ($this->sessionIsPersistent($config = $this->manager->getSessionConfig())) { 63 | $response->headers->set("X-Session-Token", $session->getId()); 64 | } 65 | } 66 | } 67 | --------------------------------------------------------------------------------