Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

Prullenbak's avatar

Laravel losing session info 1/3d of the time

Hi all,

Don't know if this is supposed to go in the requests channel or in the servers channel. It fits in both.

Anyway...I have a weird problem. I've build an application which works fine locally in valet as well as sail. However, now that it's deployed (in a docker container), Laravel seems to forget all the session info sometimes. I tried to do dd(session()->all()) just to see what happens, and when I refresh, sometimes stuff shows up, and sometimes it doesn't. Also sometimes when I try to login (which obviously doesn't work also) or want to test my reset password form, it gives a 419 (because obviously, the CSRF token isn't correct because it forgot the session data). A refresh usually does the trick, because somehow, on some random requests all data is there, like everythings back to normal.

Anyone has any clue what could be happening here?

I tried setting secure cookies to false, tried to turn off encryption, made sure the session files could be written (and they can, because sometimes the data is there)...Currently, this is the content of config('session'):

 [
  "driver" => "file",
  "lifetime" => 30,
  "expire_on_close" => false,
  "encrypt" => true,
  "files" => "/var/www/html/storage/framework/sessions",
  "connection" => null,
  "table" => "sessions",
  "store" => null,
  "cookie" => "app_session", // instead of this, I have the real app name...
  "path" => "/",
  "domain" => ".app.com", // instead of this, I have the real domain name...
  "secure" => true,
  "http_only" => true,
  "same_site" => "lax",
]
0 likes
3 replies
martinbean's avatar
martinbean
3 years ago
Best Answer
Level 80

@prullenbak What kind of infrastructure are you running on? Is your application behind a load balancer or something? As it sounds like you have multiple “nodes” running and using a persistent store like the file system for your sessions.

If you are running behind a load balancer, then this is what will be happening:

  1. You log in on a page served by Node A.
  2. Your session is saved in Node A’s filesystem, and you are redirected.
  3. On the next request, the load balancer picks Node B to serve the request.
  4. You are no longer logged in/session is empty, because your session is in Node A’s filesystem; not Node B’s (which is handling the current request).
1 like
Prullenbak's avatar

Hi thanks for your reply!

honestly, I don't even know enough about the infastructure...But if that's the case, then maybe it's an idea to use the database session driver? I might try that, then?

Edit/ follow up: I tried to use the database session driver, and now all this stuff is working better. However, logging in users doesn't seem to work...so I've got another problem to solve now. Unless anyone has ideas?

Prullenbak's avatar

Nevermind. This was a completely unrelated issue. Database driver for the session was the correct answer, and, as it turned out, things were indeed behind a Load Balancer.

1 like

Please or to participate in this conversation.