Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

mohamed-ryan's avatar

Sessions disappear and appear randomly in Laravel 5.4 !!

I'm in a project with Laravel 5.4, we made a custom User provider for custom Auth, as all the processes in this project from login to any process is talking to an API ( another project in Laravel also ).

So, in the custom user provider in retrieveByCredentials() method, as this method is called when i call the Auth::attempt(), i save the current user instance in a session called adminUser , like this :

class CustomUserProvider implements UserProvider {

    protected $model;

    public function __construct(Authenticatable $model)
    {
        $this->model = $model;
    }

    public function retrieveByCredentials(array $credentials)
    {
        $user = null;

        foreach ($credentials as $key => $value) {
            $this->model->$key = $value;
        }
        
        if ($this->model->dashboard_access) {
            $user = $this->model;
                request()->session()->put('adminUser',$this->model );// session here.
        }
        
        
        return $this->model;
    }
}

and of course i changed the session lifetime:

'lifetime' => 525600, // 1 year
// 'lifetime' => 1 * (60 * 24 * 365), // 1 year

'expire_on_close' => false,

so after login, the dashboard opened normally, session is saved.

I made a Middleware called CustomAuth , that check session is exist or not, and if not it will redirect to the login page:

public function handle($request, Closure $next, $for)
    {
        
        if (!request()->session()->has('adminUser') ) {
                
            if (request()->method() == 'GET') {
                // another session to save the url that the user intended to visit, to redirect to it after login.
                request()->session()->put('adminIntended',request()->path());
            }

            request()->session()->forget('adminUser');
            return redirect('/dashboard/login');
        }

        return $next($request);

    }

so now for example i open page called regions that gave me a data-table with regions infromation, this data-table is working by ajax

The problem here is:

The regions page is loaded successfully and the session is exist, but the data-table ajax request not see the session and it redirect to the login page, and this happened randomly as sometimes it see the session and work.

Note: the session not deleted, it just disappear and appear randomly.

I opened the chrome inspect element the Network tab and i opened the data-table ajax request in a new tab, and i dd() the sessions in the CustomAuth middleware before redirection code,then i made multiple refresh for this request,

i noticed that the sessions sometimes appeared and sometimes not, also noticed that when it not appeared the CSRF token value in session is changed, and when it appeared i mean the adminUser session, the CSRF token appeared with the old value of it.

This the dd() of sessions when it appeared:

array:7 [▼
  "_token" => "5sCLno7dmkad8k0muNP3jAQn9tmWxtIss2dDWC9t"
  "locale" => "ar"
  "_previous" => array:1 [▶]
  "_flash" => array:2 [▶]
  "adminUser" => User {#479 ▶}
  "login_web_59ba36addc2b2f9401580f014c7f58ea4e30989d" => 1
  "PHPDEBUGBAR_STACK_DATA" => []
]

And this dd() for it when not appeared:

array:2 [▼
  "_token" => "spDqbEWmzFGbUmKMS3kizhVOussoImeR9ElPhmde"
  "locale" => "ar"
]

also i noticed that when i remove the URL parameters (data-table parameters) from the URL the session always appeared !!

This is the parameters i removed:

?draw=1
&columns%5B0%5D%5Bdata%5D=id
&columns%5B0%5D%5Bname%5D=
&columns%5B0%5D%5Bsearchable%5D=true
&columns%5B0%5D%5Borderable%5D=true
&columns%5B0%5D%5Bsearch%5D%5Bvalue%5D=
&columns%5B0%5D%5Bsearch%5D%5Bregex%5D=false
&columns%5B1%5D%5Bdata%5D=title
&columns%5B1%5D%5Bname%5D=rt.title
&columns%5B1%5D%5Bsearchable%5D=true
&columns%5B1%5D%5Borderable%5D=true
&columns%5B1%5D%5Bsearch%5D%5Bvalue%5D=
&columns%5B1%5D%5Bsearch%5D%5Bregex%5D=false
&columns%5B2%5D%5Bdata%5D=city_name
&columns%5B2%5D%5Bname%5D=ct.title
&columns%5B2%5D%5Bsearchable%5D=true
&columns%5B2%5D%5Borderable%5D=true
&columns%5B2%5D%5Bsearch%5D%5Bvalue%5D=
&columns%5B2%5D%5Bsearch%5D%5Bregex%5D=false
&columns%5B3%5D%5Bdata%5D=id
&columns%5B3%5D%5Bname%5D=
&columns%5B3%5D%5Bsearchable%5D=true
&columns%5B3%5D%5Borderable%5D=true
&columns%5B3%5D%5Bsearch%5D%5Bvalue%5D=
&columns%5B3%5D%5Bsearch%5D%5Bregex%5D=false
&start=0
&length=10
&search%5Bvalue%5D=
&search%5Bregex%5D=false
&_=1514660150564

Final Note: This all happened in windows OS, as when i run this project on Ubuntu, the sessions appeared in all situation and it work correctly.

  • So anyone can tell me what happened here, where the problem and how can i solve it ?!

Thanks, ^^

0 likes
0 replies

Please or to participate in this conversation.