all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Laravel Tinker: login as another user and generate an injectable session cookie

Add to bookmarks
May 8, 2024, 11:19 p.m. | Lemuel Flores

DEV Community dev.to




Generating session cookie



  • Enter Laravel Tinker



php artisan tinker



  • Authenticate



# Login using id
auth()->loginUsingId(1);

# Login using a user instance
auth()->login(User::where('email', 'foo@bar.com')->first())



  • Save the session



session()->save()


If you are not using EncryptedCookie for some reason, you can stop at this step and proceed to injecting the session id to your session cookie:



session()->getId()



  • Generate the cookie value that is about to get encrypted



\Illuminate\Cookie\CookieValuePrefix::create(config('session.cookie'), app(\Illuminate\Contracts\Encryption\Encrypter::class)->getKey()).session()->getId()



  • Generate the encrypted cookie value


It is highly likely the 2nd parameter here is …

auth authenticate can com cookie email instance laravel login php session

Visit resource

More from dev.to / DEV Community

Tips to Maintain Strong Cloud Security 2 hours ago | dev.to
access accessibility applications breaches +23
Docker, Linux, Security. Kinda. 5 hours ago | dev.to
apparmor application container containers +7
Guía Completa sobre AWS IAM: Usuarios, Grupos, Permisos y Buenas Prácticas 6 hours ago | dev.to
access access management amazon amazon web services +11
Building a Fort: Django Security Best Practices 6 hours ago | dev.to
application best practices blog blog post +19
Cracking GPT Assistants: Extracting Prompts and Associated Files 14 hours ago | dev.to
age ai artificial artificial intelligence +14
Comprehensive Guide to Optimizing WordPress Security: Tips and Best Practices 17 hours ago | dev.to
best practices breaches can consequences +22
Introducing the Ultimate Password Generator: Your Key to Online Security 17 hours ago | dev.to
advanced age application digital +18
Some notes on symmetric encryption in golang 21 hours ago | dev.to
box crypto cryptography encrypt +14
8 Gmail Hacks that you shouldn't miss 23 hours ago | dev.to
don effectively email emails +7

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Computer and Forensics Investigator

@ ManTech | 221BQ - Cstmr Site,Springfield,VA
View on infosec-jobs.com

Senior Security Analyst

@ Oracle | United States
View on infosec-jobs.com

Associate Vulnerability Management Specialist

@ Diebold Nixdorf | Hyderabad, Telangana, India
View on infosec-jobs.com