Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

marqably's avatar

Laravel session is not saved on first request

i have a problem with my laravel sessions (specifically with voyager admin panel - but could also be general) and I have debugged it a little.

Everytime I tried to login to voyager I got a 419 CSRF token error. (the @csrf token field is already included in the voyager mask and it worked fine before an update to laravel 4.8) I checked the change in laravel csrf token field name and it is already updated, by voyager package to work with laravel 4.8.

I tried to change to every session driver (file, redis, database, ...), but it still keeps showing the 419.

And sessions work fine in the rest of my application. I noticed a strange behavior with voyager though, that I cannot explain. It seems to somehow be related to sessions.

Middleware CSRF enabled: When I go to the login page, enter my data and click the login page. I see the 419 error. When I go back to the form in the same window and then fill out the form again, it works perfectly fine and I am logged in. If I close my window and open an private window in my browser it does the same again. This is reproducable. Every time I have to log in once (it fails) and from the second login on it works.

Middleware CSRF disabled (did this to test this further): Seems to have a similar problem.

I open voyager in my private window and click login. (it works, because CSRF is not enabled) But as soon as I click somewhere within voyager, it logs brings me back to the login form. If I enter my data for the second time, I am logged in again, but this time I can click and play around as much as I want. Everything works until I close the window and try again in a private window. (same thing - need 2 logins to be able to use everything)

So it seems like it is related to the session, not saving the first time, for some reason. I always need 2 attempts just to make it work.

This tells me, that the session kind of works in general (otherwise it wouldn't work the second time either), but why doesn't it work right away?

Any suggestions or ideas?

0 likes
0 replies

Please or to participate in this conversation.