From what I know, the app key in Laravel provides protection for session and sensitive data, but what I want to understand is how exactly does it work? What is the purpose of it?
I couldn’t find any information about it.
Advertisement
Answer
APP_KEY is used for encryption and not hashing. Every Data you encrypt in your application is using APP_KEY behind the scene. Do remember that encrypted data can be decrypted but hashed data cannot be decrypted.
A common misconception of APP_KEY is that it is related to Password hashing, the truth is it’s not. and here is the proof.
You can see in the above tweet that APP_KEY has nothing to do with HASHED data