Level 8
how exactly are you testing this ? and how exactly did you add the "login" feature of laravel to your project? just adding $this->middleware('auth'); to the controller __constuctor is not enough.
Apr 4, 2018
27
Level 1
Laravel Authentication Not Persisting
I'm unable to persist a login after one page or even a refresh. I'm using out of the box authentication. Also each controller is using $this->middleware('auth');. Is there something obvious I'm missing or what?
Level 1
I used the "php artisan make:auth" command. Edited this so that it would redirect to my desired views after authentication.
Level 50
don't use $this->middleware('auth'); on each controller. for login and signup you should remove auth middleware . because guest can't go to login or signup if you use auth middleware
Level 10
@rin4ik I think you're missing the point the author is trying to make.
@chrisoriordan check your config, especially .env file. Look for SESSION_DRIVER setting. Is it anything other than file? If so, what is it, and is it properly set up and turned on?
1 like
Level 1
@arukomp here is everything inside that section:
BROADCAST_DRIVER=log CACHE_DRIVER=file SESSION_DRIVER=file SESSION_LIFETIME=120 QUEUE_DRIVER=sync
Level 10
@chrisoriordan that looks fine. Show me your app/Http/Kernel.php file, specifically the protected $middlewareGroups variable. Perhaps it is missing the session middleware
1 like
Level 1
@arukomp here is all the code inside that section
protected $middleware = [ \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, \App\Http\Middleware\TrustProxies::class, ];
Level 10
that's the wrong variable. Look at $middlewareGroups
1 like
Level 1
Ok I have that now @arukomp
/** * The application's route middleware groups. * * @var array */ protected $middlewareGroups = [ 'web' => [ \App\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, \Illuminate\Session\Middleware\StartSession::class, // \Illuminate\Session\Middleware\AuthenticateSession::class, \Illuminate\View\Middleware\ShareErrorsFromSession::class, \App\Http\Middleware\VerifyCsrfToken::class, \Illuminate\Routing\Middleware\SubstituteBindings::class, ],
'api' => [
'throttle:60,1',
'bindings',
],
];
Level 8
wow, I am confused.
How do you actually get the conclusion the session is not being save? can you show us ?
Level 75
Storage has correct permissions?
Level 1
So I checked the storage all the permissions are correct there. As far as what is actually going on each time I go to a different page, it goes to a login a page asking the user again to sign in.
Level 75
Try setting something in session and see if that persist, like
Have this use statement
use Illuminate\Support\Facades\Session;
and in a method
Session::put('mytest', 'hello');
and try it on another page
echo Session::get('mytest');
If that works then it's your Auth code somehow.
Weird, many have had session trouble, I never have.
1 like
Level 8
I neved had session problems.
try opening the developer tools of the browser, and check in your cookies for session variables, and share them here, just the names, not the values.
1 like
Level 8
also ... check logs. check laravel log, and web server logs (apache, nginx, etc),
for laravel , logs are in storage/logs
for apache: /var/log/apache2/error.log
1 like
Level 1
@jcmargentina Here is the screen shot of all my cookies this is what I see just after login.
@jidrw Tested your code it is printing to the screen as expected
Level 8
ok, cookies looks fine.
did you check the logs?
also ... did you try removing the " $this->middleware('auth'); " from your controller and check again??
1 like
Level 1
Where in the logs should I be looking an if I take that out there is no check to see if an authenticated user is viewing that said page. Also none of the Auth::user() functionality would work
Level 67
Just delete the /storage/logs/laravel.log file.
Then try the request again. Now go look at the log file (it will recreate it if it's not present). It will only contain the errors from your last request.
Level 8
Various things ...
-
Show us the form used to perform the login (the html code of the view
-
@chrisoriordan , just delete the middleware sentence, doesnt matter if you get an error, what you want to find out is if you are redirected OK.
let me explain better,... you are already login ... right ? well, try to access a section in your website that is protected by the $this->middleware('auth') BUT remove it first ....if you get the page expected ... we know for sure where to debug, BUT imagine you still get the login page for a section in your site that is not protected !!!!!???? WOW!.
please make this test .
- about the logs. I dont know if you have linux... windows ... mac. I assumed you were on Linux ... my mistake.
Level 8
just for curiosity .... the form you use to login ... does have a POST method on it?, it must !
Level 1
Ok so the pages open as expected when the $this->middleware('auth') is removed. Also log file is empty.
Could I possibly try just pasting back in all the default code that comes when the make:auth command is made
Level 3
Are you sure you don't accidently have Auth::logout() anywhere in your views? Perhaps in your navigation partial? A common mistake is for people to set the href of, say, a logout button to Auth::logout() instead of referencing the route.
1 like
Level 1
@joshuafranks That was it, I assumed it would only be called if clicked on. Your a life saver
1 like
Level 8
LOL! glad you solved your problem
1 like
Level 1
I have same issue AND i cannot figure out what wrong - NEED HELP!!!
I dont have Auth::logout anywhere and after reload session is gone. No errors in /storage/logs/laravel.log file I also have session files /storage/framework/sessions session file content is: a:4:{s:6:"_token";s:40:"anEzZsBNvEmQuqvUHOH6NivbECNqM2J5oD4PpEYR";s:3:"url";a:1:{s:8:"intended";s:34:"https://arikonto.projectpartner.ee";}s:6:"_flash";a:2:{s:3:"old";a:0:{}s:3:"new";a:0:{}}s:9:"_previous";a:1:{s:3:"url";s:40:"https://arikonto.projectpartner.ee/login";}}
routes/web.php
echo 'SESSION:' . Illuminate\Support\Facades\Session::get('mytest');//everything is ok
Route::middleware('auth:web')->group(function () {
Route::get('/', function () {
return null;
//return view('welcome');
});
});
Route::get('/login', [\App\Http\Controllers\IndexController::class, 'Login'])->name('login'); Route::post('/login', [\App\Http\Controllers\IndexController::class, 'Auth']);
Route::get('/suva', function () {
echo Illuminate\Support\Facades\Session::get('mytest');
die('see');
})->name('suva');
HTML
AUTH
public function Auth(Request $request): RedirectResponse { $credentials = $request->validate([ 'username' => ['required'], 'password' => ['required'], ]);
if (Auth::attempt(['name' => $credentials['username'], 'password' => $credentials['password'], 'is_enabled' => 1])) {
$request->session()->regenerate();
Session::put('mytest', 'hello');
//return redirect()->intended('suva');
return redirect('/suva');
}
}
KERNEL
protected $middlewareGroups = [ 'web' => [ \App\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, \Illuminate\Session\Middleware\StartSession::class, \Illuminate\View\Middleware\ShareErrorsFromSession::class, \App\Http\Middleware\VerifyCsrfToken::class, \Illuminate\Routing\Middleware\SubstituteBindings::class, ],
'api' => [
// \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
\Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
Level 122
@critic please start your iwn question, and format your code blocks correctly
Please or to participate in this conversation.