From ae031fd488c3a6a9448f3d7b68456079e0613377 Mon Sep 17 00:00:00 2001
From: Kevin MacMartin <prurigro@gmail.com>
Date: Tue, 1 Dec 2015 00:00:45 -0500
Subject: [PATCH] Enable session security measures and set the cookie name
 using a .env variable

---
 .env.example       | 2 ++
 config/session.php | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/.env.example b/.env.example
index 37aa1df..1751f23 100644
--- a/.env.example
+++ b/.env.example
@@ -8,6 +8,8 @@ DB_DATABASE=hypothetical
 DB_USERNAME=homestead
 DB_PASSWORD=secret
 
+COOKIE_NAME=hypothetical
+
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
diff --git a/config/session.php b/config/session.php
index f1b0042..05c0f86 100644
--- a/config/session.php
+++ b/config/session.php
@@ -44,7 +44,7 @@ return [
     |
     */
 
-    'encrypt' => false,
+    'encrypt' => true,
 
     /*
     |--------------------------------------------------------------------------
@@ -109,7 +109,7 @@ return [
     |
     */
 
-    'cookie' => 'laravel_session',
+    'cookie' => env('COOKIE_NAME', 'hypothetical'),
 
     /*
     |--------------------------------------------------------------------------
@@ -148,6 +148,6 @@ return [
     |
     */
 
-    'secure' => false,
+    'secure' => true,
 
 ];