Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

basiltap's avatar

Laravel Socialite Cognito is destroying the session and Cart on login

Working in Laravel 9 with LaravelShoppingcart and Socialite Cognito. I have a registration schedule where students can apply for diverse courses and added to the Cart. At the checkout I make an authentication with cognito, but it returns a new session and destroy the last session where the cart is stored.

I have checked the docs and the config files, but I cannot find any point about this.

Can you help me, please?

0 likes
6 replies
basiltap's avatar

@martinbean I though that it was clear in the description, but, here is the code:

		<?php

			namespace App\Http\Controllers;

			use App\Models\Login;
			use App\Models\User;
			use Illuminate\Http\Request;
			use Illuminate\Support\Facades\Auth;
			use Laravel\Socialite\Facades\Socialite;

			class LoginController extends Controller
			{

				// Routes:
				// Login
    			   // Route::get('{school}/login/cognito', [App\Http\Controllers\LoginController::class, 'redirectToProvider']);
    				// Route::get('{school}/login/cognito/callback', [App\Http\Controllers\LoginController::class, 'handleProviderCallback']);
    				// Route::get('{school}/logout/cognito', [App\Http\Controllers\LoginController::class, 'cognitoLogout']);


public function redirectToProvider($school) {

    // dump(\Cart::content());  // This cart has content here.
    return Socialite::driver('cognito')->redirect();  

}


public function handleProviderCallback(Request $request) {

    // dump(\Cart::content()); // No content here, after cognito callback
    $cognitoUser = Socialite::driver('cognito')->stateless()->user(); 

    return redirect(route('checkout_form', ['school' => $school])); // ToDo: esto no redirige bien
}


public function cognitoLogout() {
    Auth::logout(); // Log out app
    return redirect(Socialite::driver('cognito')->logoutCognitoUser()); // Call cognito logout url
}

}

martinbean's avatar

@basiltap What package are you using to add Cognito authentication? As Socialite doesn’t include a provider for Cognito out of the box.

noez's avatar

I've the same problem with socialite apple-login currently. All other (twitter, GitHub, discord ...) are fine. I'm still at debugging.

noez's avatar

For me, the problem is solvable if I set same_site to null instead of lex in config/session. But this seems to me to be too unsafe as a final solution. The allow origin header is not the problem, I have set it to *. Very strange so far.

Please or to participate in this conversation.