Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

emmettculley's avatar

Session not sticky when set in login request

Laravel 10. This worked in some earlier versions. Not sure when it changed.

If I set a session variable in the authenticated method during login, it is not there in subsequent page loads.

Example:

in LoginController

protected function authenticated(Request $req, $user)
   {
       if (config('site.manage_help')) {
           session(['manage_help' => true]);
           session()->save();
       }
   }

I've tried it with and without the ->save() call. In any subsequent controller call or page load the 'manage_help' session variable does not exist.

I tried moving \Illuminate\Session\Middleware\StartSession::class to the protected $middleware variable in App\Kernel.php, as suggested in other mentions of this issue. Still no 'mamage_help' session variable.

As mentioned above this code worked as expected in an earlier Larvel version. Not sure which as I just noticed this doesn't work. I was on Laravel 8 for quite awhile, and I "think" it worked then, but I am not sure.

Any clues on how to get a session variahle to stick when setting in a login request?

0 likes
3 replies
LaryAI's avatar
LaryAI
AI
2 years ago
Level 58

It seems like you're encountering an issue where the session variable you're setting during the login process is not persisting across subsequent requests. This could be due to a number of factors, including changes in how Laravel handles sessions between versions or a misconfiguration in your session settings.

Here's a step-by-step approach to troubleshoot and potentially solve the issue:

  1. Check Session Driver Configuration: Ensure that your .env file has a session driver that supports persistent sessions, such as file, database, redis, etc. The array driver will not persist sessions across requests.

    SESSION_DRIVER=file

  2. Middleware Order: Ensure that the StartSession middleware is executed before your authenticated method. This middleware should be included in the web middleware group in app/Http/Kernel.php, which is applied to routes in routes/web.php.

  3. Clear Configuration Cache: If you've made changes to your configuration files or .env file, make sure to clear the configuration cache:

    php artisan config:clear

  4. Session Key Conflicts: Make sure that the session key manage_help is not being overwritten or unset elsewhere in your application.

  5. Session Initialization: Ensure that the session is actually started before you try to set a value. This is typically handled by the middleware, but if you're doing something custom, you might need to manually start the session.

  6. Test Session Persistence: Create a simple route to test if sessions are working outside of the login process:

    Route::get('/session-test', function () {
    session(['test' => 'value']);
    return redirect('/session-check');
});

Route::get('/session-check', function () {
    return session('test');
});

    If this works, then the issue is likely with how the session is being set during the login process.

  7. Override the login Method: If the authenticated method isn't working for you, try overriding the login method directly in your LoginController to set the session variable immediately after the user is authenticated:

    use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

protected function login(Request $request)
{
    $credentials = $request->only('email', 'password');

    if (Auth::attempt($credentials)) {
        // Authentication passed...
        if (config('site.manage_help')) {
            session(['manage_help' => true]);
        }
        return redirect()->intended('dashboard');
    }
}

  8. Session Middleware: If you've moved the StartSession middleware to the global middleware stack, make sure it's not causing any side effects. It's generally recommended to keep it within the web middleware group.

If none of these steps resolve the issue, it may be helpful to look at the Laravel upgrade guide to see if there were any breaking changes regarding sessions between Laravel 8 and Laravel 10. Additionally, consider checking the Laravel documentation for sessions to ensure that all session-related features are being used correctly.

Remember to test each change you make in isolation to identify what exactly resolves the issue.

JussiMannisto's avatar

Can you show the contents of the site.php and how you're reading the session variable later on?

Do you do anything to the session after login, like call regenerate() or something similar?

emmettculley's avatar

Thanks for the response.

After looking over the AI answer and doing a deeper dive, it seems to be working now. I am not exactly sure what the problem was, but is seems to have been a cache issue.

Doing same the trobleshooting steps I did before asking for help here, seems to have fixed it. Unfortunateky I am not sure which step did it.

I have three other projects with this same issue, so I'll get another chance to find the culprit.

I suspect I missed something during one or more of the updates to the next Laravel major version,

Please or to participate in this conversation.