Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

cewlbird's avatar

user_id in Session always null - Custom User Provider

Hi dear community,

currently I am building a site with two user tables.

I am using the default users table for my backend users and the rm_users for logging in users from another remote server.

I added this user provider to my auth.php

'msr_users' => [
    'driver' => 'eloquent',
    'model' => \Modules\Frontend\Models\UserMsr::class,
 ],

and I also added this to the guards array

 'web_msr' => [
    'driver' => 'session',
    'provider' => 'msr_users',
 ]

also I have added a custom password reset for the rm_users

'msr_users' => [
    'provider'  => 'msr_users',
    'table'     => 'rm_users_password_resets',
    'expire'    => 60,
]

additionally this middlewares are defined

 'msr_user_auth' => \Modules\Frontend\Http\Middleware\AuthenticateMsrUser::class,
 'msr_user_guest' => \Modules\Frontend\Http\Middleware\RedirectIfMsrUserAuthenticated::class

<?php

namespace Modules\Frontend\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class RedirectIfMsrUserAuthenticated
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        if (Auth::guard()->check()) {
            return redirect('/');
        }

        if (Auth::guard('web_msr')->check()) {
            return redirect('/profil');
        }

        return $next($request);
    }
}

<?php

namespace Modules\Frontend\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class AuthenticateMsrUser
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        if (! Auth::guard('web_msr')->check()) {
            return redirect('/anmelden');
        }

        return $next($request);
    }
}

Of course I have separate Controllers for both logins (rm_users and users). The necessary overrides are made within those controllers.

Everything works fine so far, I can log in by checking the username in the rm_users table. Also the session is created, but I noticed that the user_id within the sessions table always stays null.

As soon as I login as a backend user from the default users table it just works fine (I have separate login routes for remote and default backend users).

Am I missing something in here? I haven't created a dedicated guard or user provider class, as I am using the default mechanism, I am not sure if this is the problem?

Does it make sense to have a separate custom session tables for the remote users? I don't know if this is even easily possible within laravel.

I hope you can guide me into the right direction.

Best Regards.

0 likes
2 replies
cewlbird's avatar

So, I googled a lot and I think the default session driver probably looks for the default user guard.

I tried copying and renaming the default session driver and boot it up inside the boot method of the AuthServiceProvider, but I am not sure how to do it properly as it needs several arguments inside the class and I am not sure if this is the right way.

I also checked the payload of the created session and it has the user_id set inside it, but still does not set the user_id column when using my custom user provider.

webleyson's avatar

Hey. I have a similar issue with a custom guard. I have set my session driver to database to see it doesnt create the user_id along with the session data.

Did you get anywhere with it?

Funny thing, is it works on my local using php artisan serve.

Please or to participate in this conversation.