all InfoSec news
Laravel Tinker: login as another user and generate an injectable session cookie
May 8, 2024, 11:19 p.m. | Lemuel Flores
DEV Community dev.to
Generating session cookie
- Enter Laravel Tinker
php artisan tinker
- Authenticate
# Login using id
auth()->loginUsingId(1);
# Login using a user instance
auth()->login(User::where('email', 'foo@bar.com')->first())
- Save the session
session()->save()
If you are not using EncryptedCookie for some reason, you can stop at this step and proceed to injecting the session id to your session cookie:
session()->getId()
- Generate the cookie value that is about to get encrypted
\Illuminate\Cookie\CookieValuePrefix::create(config('session.cookie'), app(\Illuminate\Contracts\Encryption\Encrypter::class)->getKey()).session()->getId()
- Generate the encrypted cookie value
It is highly likely the 2nd parameter here is …
auth authenticate can com cookie email instance laravel login php session
More from dev.to / DEV Community
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Senior Security Researcher - Linux MacOS EDR (Cortex)
@ Palo Alto Networks | Tel Aviv-Yafo, Israel
Sr. Manager, NetSec GTM Programs
@ Palo Alto Networks | Santa Clara, CA, United States
SOC Analyst I
@ Fortress Security Risk Management | Cleveland, OH, United States