Laravel - Session - Regenerating The Session Id

Regenerating the session ID is often done in order to prevent malicious users from exploiting a session fixation attack on your application.

Laravel automatically regenerates the session ID during authentication if you are using one of the Laravel application starter kits or Laravel Fortify; however, if you need to manually regenerate the session ID, you may use the regenerate method:


If you need to regenerate the session ID and remove all data from the session in a single statement, you may use the invalidate method: