Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

Bruno_Balmer's avatar

Fix for method-illuminate-auth-requestguard-attempt-does-not-exist

Hi, I was having troubles with the "remember me" function. From the stacktrace i found the bug in the vendor\laravel\framework\src\Illuminate\Session\Middleware\AuthenticateSession.php:42 which is :

 $passwordHash = explode('|', $request->cookies->get($this->auth->getRecallerName()))[2] ?? null;

the ->getRecallerName() was only available for SessionGuard so i added :

 $passwordHash = explode('|', $request->cookies->get($this->auth->guard('web')->getRecallerName()))[2] ?? null;

and the bug never happened again. Can a Laravel "expert" confirm that this does not cause problems in other cases?

0 likes
3 replies
MohamedTammam's avatar

I'm not an "expert".

Please show the part of the code that caused the issue.

Bruno_Balmer's avatar

I use Jetstream so I had logged in with the "remember me" box checked. Then you close the window without logout. This problem was caused by returning to any url in my webapp at the end of the SESSION_LIFETIME timer. I changed this timer to 1 min in the .ENV file to facilitate testing.

Bruno_Balmer's avatar

Here is the function that raises the error in vendor\laravel\framework\src\Illuminate\Session\Middleware\AuthenticateSession.php

public function handle($request, Closure $next)
    {
        if (! $request->hasSession() || ! $request->user()) {
            return $next($request);
        }
        if ($this->guard()->viaRemember()) {
            $passwordHash = explode('|', $request->cookies->get($this->auth->getRecallerName()))[2] ?? null;//That one
            if (! $passwordHash || $passwordHash != $request->user()->getAuthPassword()) {
                $this->logout($request);
            }
        }

        if (! $request->session()->has('password_hash_'.$this->auth->getDefaultDriver())) {
            $this->storePasswordHashInSession($request);
        }

        if ($request->session()->get('password_hash_'.$this->auth->getDefaultDriver()) !== $request->user()->getAuthPassword()) {
            $this->logout($request);
        }

        return tap($next($request), function () use ($request) {
            if (! is_null($this->guard()->user())) {
                $this->storePasswordHashInSession($request);
            }
        });
    }

Please or to participate in this conversation.