Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I'm wondering how authentication works in Laravel, specifically with ajax requests. Is the logged in user info saved in the session? If so, does the session work with ajax requests?
I'd like to refer to a lesson: https://laracasts.com/series/lets-build-a-forum-with-laravel/episodes/32?autoplay=true
It seems that it just works even with ajax requests, but I would've expected ajax requests to be different from regular form submissions. How does Laravel know about the user on an ajax request? Would this be different if it was an SPA instead of a blade template?
Each request to the server, whether it's a regular get request by clicking a link, or an ajax post request, sends the pages cookies with it. The session ID is stored in one of the cookies, APP_NAME + _session by default unless you changed the cookie name in /config/session.php
Ajax requests send the same cookies as a normal request so the session is available the same way in both.
For ajax requests rather than redirecting to the login page Laravel returns a 401 response code. You can catch this in your javascript code and do the redirect there in a SPA.
Please or to participate in this conversation.