Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

bytefury's avatar

Persisting Sessions across Subdomains

I have already tried to change session config :

'domain' => '.example.com'

But whenever i make this change.. Auth::check() stops working or i get TokenMismatchException if i try to login through private window..

I also tried deleting browser cache & cookies but i am still stuck on TokenMIsmatch after doing that.

Any help would be appreciated.

0 likes
4 replies
kfirba's avatar

@bytefury have you tried to prefix it with a *?

'domain' => '*.example.com'

Also, you may want change your session driver to something like memcached or redis (preferred) on another server.

bytefury's avatar

Also i would like to mention that i am currently testing this locally on 'shop.app' . Does it have anything to with that?

Sessions are working fine after hardcoded the domain name' :

'domain' => '.shop.app'

Is this the correct way to go?

acm4b's avatar

Okay figured out this headache!! Note, I am using Homestead.

So, you have to do a few things:

  • Update the url configuration in config/app.php from http://localhost to the actual URL you are using, http://domain.com
  • Update the domain configuration in config/session.php to .domain.com (make sure you insert the "." prefix)

If using Homestead, I highly recommend using Redis for the session handler since it basically comes out of the box. To do so:

  1. composer require predis/predis
  2. Update SESSION_DRIVER to equal redis in .env
  3. Update connection configuration in config/session.php to default
2 likes

Please or to participate in this conversation.