Cookie β
Doppar provides two ways to manage cookies in the application. One is Phaseolies\Support\Facades\Cookie facades and another is global cookie() helper fucntion. Each approach allows you to store, retrieve, and delete cookies efficiently. Let's explore both methods in detail.
Storing Cookies β
The Cookie facade provides a structured way to manage cookies. It allows you to store, retrieve, and remove cookies with additional options like expiration time, path, and security settings. To store cookies, simply use store() function.
use Phaseolies\Support\Facades\Cookie;
Cookie::store('cookie_name', 'cookie_value');You can do the same job using cookie() helper like that
cookie()->store('cookie_name', 'cookie_value');Cookie with Expiration Time β
When working with cookies in Doppar, you can define a custom expiration time to control how long the cookie should remain on the user's browser. The Cookie::store() method allows for flexible expiration formats, giving you full control over cookie lifetime.
Here are the three common ways to set the expiration. You can define the expiration time as a Unix timestamp (in seconds):
cookie()->store('user_token', 'abc123', ['expires' => time() + 3600]);
// Expires in 1 hourYou can also pass a DateTime object to set a specific future date and time:
$expireDate = new \DateTime('+1 day');
cookie()->store('user_token', 'abc123', ['expires' => $expireDate]);
// Expires in 24 hoursYou can provide a string that strtotime() can parse, for maximum readability:
cookie()->store('user_token', 'abc123', ['expires' => '+1 week']);
// Expires in 7 daysYou can use Carbon also like that
use Carbon\Carbon;
cookie()->store('temp_data', 'value456', [
'expires' => Carbon::parse('next friday 3pm')
]);Cookie with Path β
In Doppar, you can restrict a cookie to a specific URL path using the path option. This means the cookie will only be sent to the server when the request URI matches the defined path or a subpath.
Here's how to create a cookie that's only accessible under /settings:
cookie()->store('prefs', 'dark', ['path' => '/settings']);In this example:
'prefs'is the cookie name.'dark'is the value.'path' => '/settings'ensures the cookie is only available for URLs starting with/settings.
Cookie With Domain β
Doppar allows you to assign cookies to a specific domain (or subdomains) using the domain option. This is especially useful when your application spans multiple subdomains and you want the same cookie to be accessible across all of them.
cookie()->store('session', 'xyz789', ['domain' => '.example.com']);In this example:
'session'is the cookie name.'xyz789'is the value.'domain' => '.example.com'allows the cookie to be shared across example.com, www.example.com, admin.example.com, etc
Secure & HttpOnly β
When storing cookies, security is a crucial aspect, especially for authentication and sensitive user data. The secure and httponly attributes help protect cookies from attacks such as cross-site scripting (XSS) and man-in-the-middle (MITM) attacks.
cookie()->store('auth', 'secure123', [
'secure' => true, // HTTPS only
'httponly' => true // JavaScript cannot access
]);SameSite Attribute β
The SameSite attribute helps protect your application against Cross-Site Request Forgery (CSRF) attacks by controlling when cookies are sent along with cross-origin requests. In Doppar, you can configure this easily when storing a cookie.
use Phaseolies\Http\Response\Cookie;
cookie()->store('csrftoken', 'rand123', [
'samesite' => Cookie::SAMESITE_STRICT
]);Partitioned (for CHIPS) β
Setting 'partitioned' => true allows a cookie to be accessed only within a specific cross-site context, without being shared across different origins. This helps prevent third-party tracking while still enabling functionalities like embedded content authentication.
cookie()->store('tracking', 'user123', [
'partitioned' => true // For cross-site cookies
]);Raw Cookie (no URL encoding) β
By default, cookies are URL-encoded, meaning special characters like = and & are automatically converted to a safe format. However, if you need to store data without encoding, you can use the raw option.
cookie()->store('raw_data', 'some=value', [
'raw' => true // Disables URL encoding
]);Forever Cookie β
A forever cookie is a cookie that does not expire or is set with a very distant expiration date, ensuring it remains stored in the user's browser for an extended period. These cookies are useful for remembering user preferences, authentication tokens, and long-term tracking. You can store forever cookie as like below by using forever method.
cookie()->forever('remember_me', 'yes', [
'path' => '/',
'httponly' => true
]);Retrieving Cookies β
Accessing cookies in Doppar is simple and can be done using either the Cookie facade or the cookie() helper. Both methods allow you to retrieve values that were previously stored in the user's browser.
use Phaseolies\Support\Facades\Cookie;
Cookie::get('user_token');
cookie()->get('user_token');Functionally identical to the facade, but this provides a cleaner syntax especially in more compact or helper-driven code.
Check Cookie Existence β
Before accessing a cookie, itβs best practice to check if it exists to avoid errors. Doppar provides a method to verify whether a specific cookie is present using has()
if (cookie()->has('user_token')) {
// Cookie exists
}Delete Cookie β
When a cookie is no longer needed, it should be deleted to ensure proper data management and security. Doppar provides a way to remove cookies using the remove() method.
cookie()->remove('user_token');
// With Path/Domain
cookie()->remove('old_cookie', [
'path' => '/special',
'domain' => '.example.com'
]);Cookie Create Without Sending β
In some cases, you might want to create a cookie but not immediately send it to the user's browser. This can be useful for situations where you need to modify the cookie before sending it or store it for later in the same request cycle. Doppar provides a way to create cookies in advanced scenarios like this by using the make() method.
use Phaseolies\Http\Response\Cookie;
$cookie = cookie()->make('preview_mode', 'enabled', [
'expires' => '+30 minutes',
'samesite' => Cookie::SAMESITE_LAX
]);
// Send later
cookie()->store($cookie);Modifying an Existing Cookie β
In some cases, you may need to update the value or properties of an already created cookie. Doppar provides a convenient way to modify an existing cookie using methods like withValue() and withExpires(). These methods allow you to change the value or expiration of a cookie after it has been created.
cookie()->make('existing_cookie', '1')
->modify()
->withValue('10')
->withExpires('+1 day')
->update();You can extend it also like that
Cookie::make('existing_cookie', 'light')
->modify()
->withValue('dark')
->withPath('/settings')
->withDomain('.example.com')
->withSecure(true)
->withSameSite('lax')
->update();This flexible approach lets you fully control cookie behavior without recreating it from scratch.
Fetch All Cookies β
If you need to retrieve all cookies that are currently stored and sent with a request, Doppar provides two simple ways to access them. This is especially useful when debugging or processing multiple cookies at once.
$request->cookies->all();This retrieves all cookies as an associative array, where the keys are cookie names and the values are their respective data.
You can use cookie() helper also to get all cookies.
cookie()->all();This method gives you the same resultβan array of all available cookiesβwithout needing direct access to the request instance.