php - adjusting laravel's timeout settings for basic access authentication

Question

According to https://laravel.com/docs/7.x/authentication#http-basic-authentication Laravel supports basic HTTP authentication.

According to https://tools.ietf.org/html/rfc7235#section-6.2 "Clients that have been idle for an extended period, following which the server might wish to cause the client to re-prompt the user for credentials".

My questions is... can the length of this "extended period" be adjusted in Laravel? If so how would I do that? And what happens if a new Docker container is launched and then a client who had been connecting to one container suddenly connects to this new Docker container? Will the client be reprompted to login in that scenario? If so how could I make it so that it wouldn't do that?

I'm running Laravel 5.5.

question from:https://stackoverflow.com/questions/65896407/adjusting-laravels-timeout-settings-for-basic-access-authentication

Answer 1

Regarding your first question: the config/session.php has a 'lifetime' setting (overridable by the .env file setting, which has a setting for 'Session Timeout' (typically 120 minutes)).

You can use Auth::check() in your middleware to see if the session expired, and if so you can redirect back to the 'Login' page.

This link shows you how to use it https://laravel.io/forum/09-10-2015-l5-detect-session-expiration

Look at SynRJ's reply

Regarding your 2nd question, I am unable to help.