摘自:learnku论坛网友MArtian
在部署项目的时候必须执行,尤其是从 git
上拉下来的项目,需要手动配置 .env
文件。php artisan key:generate
,项目中所有的的 OpenSSL
加密都是依赖它生成的,包括 Cookie
,Session
,还有 JWT
这些组件。
所以如果你有生产环境和开发环境,最好都使用命令生成 key
,避免重复,而且 key
一旦泄露项目就危险了。
话又说回来,如果没有配置 app_key
项目是运行不起来的。
生成后的key位置在.env里面。
官网解释
Introduction
Laravel's encryption services provide a simple, convenient interface for encrypting and decrypting text via OpenSSL using AES-256 and AES-128 encryption. All of Laravel's encrypted values are signed using a message authentication code (MAC){消息认证码} ,so that their underlying value can not be modified or tampered with once encrypted.{因此,一旦加密,其基础值就不能被修改或篡改}
Configuration
Before using Laravel's encrypter, you must set the key
configuration option in your config/app.php
configuration file. This configuration value is driven by the APP_KEY
environment variable. You should use the php artisan key:generate
command to generate this variable's value since the key:generate
command will use PHP's secure random bytes generator to build a cryptographically secure key for your application. Typically, the value of the APP_KEY
environment variable will be generated for you during Laravel's installation.