Hello, I'm building an API with a custom authentication layer. I'm not using Laravel's one at all because of certain requirements for the client project.
I have to construct my user object through middleware based on a JWT token I receive. I'd like to store the constructed user globally during my request lifecycle so that I can access it anywhere in my Laravel application. Can I use the Laravel session to do that? Or is there another way to do it?
There is no Session started whenever you are handling an API Request. You could cache the User object for the duration of the current Request using the array driver; it will expire after the Request/Response lifecycle.
@echo_ APIs are typically stateless. If you’re receiving the JWT with each request then there’s no need to store it “globally”. You just parse the JWT in the request and if it’s valid, you handle the request or if it’s not, you return a 4** error.
There’s also no reason why you can’t use Laravel’s built-in authentication layer; I’ve written custom JWT guards for multiple projects in the past.
@martinbean Thanks for your answer.
The user's info is not stored in the DB, and all the information about the user is constructed through the token and some Active Directory information. So I'm barely not using the users table. That's why I didn't couple it with Laravel's authentication layer, as it's built upon the User Model.
@echo_ So what do you do about authorisation, or records created relating to the user? How do you associate records with a user if you don’t actually store the user details in your database? 🤷‍♂️
A user object that exists in memory only is pretty useless.
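
The custom JWT guard mentioned in the thread, sketched as an added example that is not code from any of the posters: a request guard that verifies the token and builds an in-memory user without a users table. It assumes the `firebase/php-jwt` package is installed; the `services.jwt.*` config entries and the claim names (`sub`, `name`, `groups`) are assumptions.

```php
<?php
// app/Providers/AppServiceProvider.php (added example, not the posters' code)

namespace App\Providers;

use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use Illuminate\Auth\GenericUser;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\ServiceProvider;

class AppServiceProvider extends ServiceProvider
{
    public function boot(): void
    {
        // Registers a request-based guard driver named "jwt". In config/auth.php:
        //   'guards' => ['api' => ['driver' => 'jwt']]
        Auth::viaRequest('jwt', function (Request $request) {
            $token = $request->bearerToken();
            if ($token === null) {
                return null; // no credentials: the auth middleware answers 401
            }

            try {
                // Pin the algorithm to the key so the token header cannot choose it.
                // 'services.jwt.public_key' is an assumed config entry (PEM public key).
                $key = new Key(config('services.jwt.public_key'), 'RS256');
                $claims = JWT::decode($token, $key); // checks signature, exp, nbf
            } catch (\Throwable $e) {
                return null; // bad signature, expired or malformed: unauthenticated
            }

            // decode() does not check issuer or subject; do it explicitly.
            // 'services.jwt.issuer' is an assumed config entry.
            if (($claims->iss ?? null) !== config('services.jwt.issuer') || empty($claims->sub)) {
                return null;
            }

            // In-memory user only; GenericUser uses 'id' as its auth identifier.
            return new GenericUser([
                'id'     => $claims->sub,
                'name'   => $claims->name ?? null,
                'groups' => (array) ($claims->groups ?? []),
            ]);
        });
    }
}
```

On routes behind the `auth:api` middleware, the guard resolves the user once and keeps it for the rest of that request, so `$request->user()` or `Auth::user()` returns the same object anywhere in the application without a session.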