My Laravel 5.2.10 Sessions Wont Persist
I have a brand new installation of Laravel 5, in fact I have tried this on multiple versions and keep hitting the same issue.
I have not changed anything from the default except setting the session driver to redis. (File based also has the same issue).
I have two routes set as follows
Route::get('/set/{value}', function($value) {
var_dump(Session::getId());
Session::set('test', $value);
return view('welcome');
});
Route::get('/get', function() {
return 'Get ' . Session::get('test');
});
If I visit the url /set/abc I see the session appear in REDIS (I also see the file created when using file based). The session looks fine in REDIS as shown below
127.0.0.1:6379> KEYS *
1) "laravel:1a3ae6caff6346e4a173fdc1ab4c6eb0f138806b"
2) "laravel:fed1af2fb44c6e625953237c3fa6fcbb05366a5c"
3) "laravel:cb37286ccfe3e7caa20557aca840f50cb5a5f20d"
Every time I visit the page though, it recreates a new session.
The key parts of session.php file is as follows:
'lifetime' => 120,
'expire_on_close' => false,
I have also checked in REDIS the TTL of the session variables and they do get initialised at 120 minutes (equivalent in seconds).
Any idea what I am doing wrong?
It might be worth noting I am using a homestead vm (completely stock) to test this. I have also tried using multiple browsers. No cookies are ever sent to the browser, I presume a session id should be sent to the browser as part of the initial get request?
Answer
Laravel's middleware class \Illuminate\Session\Middleware\StartSession is responsible for starting your session. Before L5.2, this ran on every request because it was part of the global middleware stack. Now, it's optional because L5.2 wants to allow for both a web UI and an API within the same application.
If you open up app/Http/Kernel.php, you'll see that the StartSession middleware is part of a middleware group called web. You need to put all your routes inside there for your example to work.
Route::group(['middleware' => ['web']], function () {
Route::get('/set/{value}', function($value) {
var_dump(Session::getId());
Session::set('test', $value);
return view('welcome');
});
Route::get('/get', function() {
return 'Get ' . Session::get('test');
});
});
You can see that the web middleware group is also responsible for other things like providing the $errors variable on all views.
You can read more about it in the docs:
By default, the
routes.phpfile contains a single route as well as a route group that applies thewebmiddleware group to all routes it contains. This middleware group provides session state and CSRF protection to routes.Any routes not placed within the
webmiddleware group will not have access to sessions and CSRF protection, so make sure any routes that need these features are placed within the group. Typically, you will place most of your routes within this group:
Related Questions
- → "failed to open stream" error when executing "migrate:make"
- → October CMS Plugin Routes.php not registering
- → OctoberCMS Migrate Table
- → OctoberCMS Rain User plugin not working or redirecting
- → October CMS Custom Mail Layout
- → October CMS - How to correctly route
- → October CMS create a multi select Form field
- → October CMS - Conditionally Load a Different Page
- → How to disable assets combining on development in OctoberCMS
- → October CMS - Radio Button Ajax Click Twice in a Row Causes Content to disappear
- → OctoberCms component: How to display all ID(items) instead of sorting only one ID?
- → In OctoberCMS how do you find the hint path?
- → How to register middlewares in OctoberCMS plugin?