Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

app_dev's avatar

Middleware session not detected.

Hello, I made a form application with C#. This application transmits the MAC address to the system with the get method. I excluded urls from web routes. Thus, access without signing will be blocked by middleware. But sessions are not working as expected. Here are the codes;

Middleware;

    public function handle(Request $request, Closure $next)
    {
        if (!$request->session()->has('mac')) {
            $data = "1";
            return response()->json($data, 200, [], JSON_UNESCAPED_UNICODE);
        }

        $allMacAddresses = DB::table('ips')->pluck('mac_address')->toArray();
        $macs = $request->session()->get('mac');

        if (!in_array($macs, $allMacAddresses)) {
            $data = "2";
            return response()->json($data, 200, [], JSON_UNESCAPED_UNICODE);
        }

        return $next($request); 
    }

Routes

Route::get('/mac', function (Request $request) {
    
    $macAddress = $request->query('mac_address');

    if(!$macAddress){
        $data = "3";
        return response()->json($data, 200, [], JSON_UNESCAPED_UNICODE);
    }

    $request->session()->put('mac', $macAddress);
    $request->session()->save();

    return redirect('/');
})->withoutMiddleware([
    'exemac',
]);

Route::get('/{any}', [AppController::class, 'index'])->where('any', '.*');

When I provide action with the url for the first time, everything works. However, the session is not detected in subsequent transactions. When I examine cookies from the browser, the cookie contents constantly change with each request.

0 likes
0 replies

Please or to participate in this conversation.