Level 10
I can't use CSRF token as I'm redirected back from a login service, but I created a middleware group with all the same middlewares as web except for the token.
Mar 15, 2017
4
Level 10
Session lost after login
My setup is that I am using a third party SAML2 login (Single Sign On). That activates a Listener Saml2Login whenever it gets redirected back that checks the credentials I'm given from the service.
Then I perform Auth::loginUsingId($user->id); according to the ID I got from the server.
Everything works so far in Chrome and Firefox, but Internet Explorer and Edge forgets the information about the signed on session to the next page, so the user is not signed on.
Any ideas how I can fix this issue?
It's App\Http\Middleware\Authenticate.php where it has forgotten the login after the listener.
Level 10
I figured this out and now I simply added the login page to the excluded list and made it a web middleware, but the problems are still the same.
Level 10
Removing _ from the session name seems to fix it. I can't believe why this messed up IE and maybe the default name should be changed in the future.
Level 2
@EmilMoe Thanks! I agree the default name should be changed :P
Please or to participate in this conversation.