Reputation: 905
Do I need the old APP_KEY if I want to replace my Laravel App code?
I want to remake my Laravel application, but I'm keeping the same old DB. So I don't want users passwords to become invalid.
Do I need to copy the APP_KEY from my current app into the new one?
What else would I need to do to make sure my users won't have any trouble logging into the new App using their current passwords?
Upvotes: 1
Views: 1195
Answers (2)
Reputation: 5552
APP_KEY is used for encryption, not hashing, so your user passwords will not be affected.
What will be affected are encrypted session cookies. Changing APP_KEY will effectively cause all users to be logged out, and invalidate any existing session cookies. This is probably okay, but something worth paying attention to.
If you use encryption for any of your database data, you will also need to decrypt all of the existing data with the previous key and re-encrypt with the new key.
If you're using Laravel Passport and have long-lived access tokens, they may also become invalid and need to be re-issued.
Upvotes: 1
Reputation: 677
This is a common misconception.
Laravels passwords are hashed using Hash::make() or bcrypt(), neither of which use APP_KEY so it shouldn't affect it.
You shouldn't need to do anything, I sometimes have several test databases which I switch between, and haven't had any problems.
The APP_KEY is actually used for encrypted cookies, including Session cookies
Upvotes: 3
Related Questions
- What is the significance of Application key in a Laravel Application?
- When to generate a new Application Key in Laravel?
- Run a Laravel Application With or Without a Key
- Is my APP_KEY the only thing unique to Laravel's Crypt
- Laravel's application key - what it is and how does it work?
- Laravel 5 Application Key
- Deploying Laravel without regenerating key
- How do I add a new APP_KEY to a Laravel project?
- Do I need to set the Application Key in Laravel 5.2
- Generating an application key in Laravel 4