I got several Laravel 5 projects running on subfolders, on the same domain.
Each Laravel application is generating it's own session cookie, and sometimes it generates so much that we get http 400 errors on the entire domain.
Should I share the storage folder between all those projects, or there's any settings to prevent that to happen?
Each Laravel installation should be located in its own directory.
Then an alias needs to be defined which points the domain sub-folder to the "child" Laravel folder.
Example in Apache http.conf:
<VirtualHost some.domain:80>
ServerName some.domain
## Path to laravel domain
DocumentRoot "/path/to/some/domain/laravel-1/public"
<Directory "/path/to/some/domain/laravel-1/public">
AllowOverride All
</Directory>
## Path to laravel sub-folder
Alias /laravel-2-path-alias/ "/path/to/some/domain/laravel-2/public"
<Directory "/path/to/some/domain/laravel-2/public">
AllowOverride All
</Directory>
</VirtualHost>
For session cookies, check config\session.php in both installations.
Root installation config\session.php:
'cookie' => 'a_unique_name'
'path' => '/',
Subfolder installation config\session.php:
'cookie' => 'another_unique_name'
'path' => '/path/to/sub/folder',
This should ensure that each installation is writing its own unique session cookies. Any cookies generated by the sub application should not interfere with those of the parent.
Since I found the solution, let me share with you guys.
First, you need to use a shared session driver like Redis or database.
Second, you need to set on config/session.php, the session cookie and path to be the same.
After that, you can run as many different Laravel projects on the same domain without having problems with cookies.
If your application does not require session at all, you can disable sessions entirelly on app/Http/Kernel.php, commenting the following lines:
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
Edit httpd.conf file as
Please check that path may differ according to your system /opt/lampp/htdocs/ or /var/www/html/
## Path to laravel sub-folder
Alias /admin-boilerplate/ "/opt/lampp/htdocs/admin-boilerplate/public/"
<Directory "/opt/lampp/htdocs/admin-boilerplate/public">
AllowOverride All
</Directory>
And you may need to edit .htaccess file in public folder as
RewriteBase /admin-boilerplate
Full code look like
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# It enables routes when documrnt root set to public foder in httpd.conf file
# change name according to alias name
RewriteBase /admin-boilerplate
</IfModule>
I think you need to have a unique security key for each sub folder and add a special variable for each sub folder go change the generated cookie
You should setup Homestead. It's super easy to use. https://laravel.com/docs/5.2/homestead You can setup multiple domains for example: domain1.dev, domain2.dev. For each domain you'll have your own cookies.
