1

I'm using laravel 12.0.1 and try to check the user is logged in or not in the middleware.

I set the session value in api Controller, but when I call this value in the middleware, it is null.

And my log only shows the token in session.

How to get session value in the middleware?

My laravel_session in header and corresponding session value in database:

laravel_session=fca6d3xPRfTdlHBSTJWBd0KvaieSdKPbcGkFBZxa

a:3:{s:6:"_token";s:40:"0hYLgh1hHAZNW2Ar8E6MDBP5zKJXlLynSjt4dgTp";s:4:"user";s:5:"admin";s:6:"_flash";a:2:{s:3:"old";a:0:{}s:3:"new";a:0:{}}}

My log show another session value:

my session value: {"_token":"T9EtbOAiUwUYc9s1l1gC4TrdSkTj8nT9SDFbqTIA"}

I use the session function to set global session value, and I'm sure that name is not null.

// loginVerify
$validate = $request->authenticate();

if ($validate)
{
    $post = $request->post()['body'];
    
    $acct = User::where([
        [ 'email',    '=', $post['acct'] ],
        [ 'password', '=', $post['ps']   ],
    ])->first();

    session(['user' => $acct['name']]);

    return $acct;
}

// middleware managePage
public function handle(Request $request, Closure $next): Response
{
    Log::debug ('my session value: ' . json_encode(session()->all()));

    dd($request->header('Cookie'));

    if (empty(session('user'))) 
    {
        return redirect('/managerLogin');
    }

    return $next($request);
}

here is my middleware setup:

$middleware->prependToGroup('manageSetting', [
    \Illuminate\Session\Middleware\StartSession::class,
]);

$middleware->appendToGroup('managePage', [
    ManagerPage::class,
]);

and this is my route setup:

// web route
Route::middleware(['manageSetting', 'managePage'])->group(function () 
{
    Route::get('/homeManage', function () 
    {
        return Inertia::render('manage/homeManage');
    });

    Route::get('/groupManage', function () 
    {
        return Inertia::render('manage/groupManage');
    });
});

Route::middleware(['manageSetting'])->group(function() 
{
    Route::get('/managerLogin', function () 
    {
        return Inertia::render('manage/login');
    })->name('managerlogin');
});

//api route
Route::middleware(['manageSetting'])->group(function () 
{
    Route::post('/updateGroup', [GroupController::class, 'update']);

    Route::post('/updateHome', [KeyVisualController::class, 'update']);

    Route::post('/loginVerify', [UserController::class, 'login']);
});

Notes:

  1. I've tried the reflash and keep functions.
  2. The save function in request is not yielding working results for me, too.
  3. When I try to get the session in the manage page Controller API, I get another laravel_session. How to get the same laravel_session in all processes?
  4. I can get session value in login function with session('user').
Improve this question
4
  • setting the session value in the API controller is likely too late, as the middleware (at least for the incomming/request part) has already run. could that cause the behaviour of the session being null at time of check? Commented May 8 at 9:29
  • I think it's because session state and cookies are handled differently between web (stateful) and API (stateless) routes. API routes don't manage sessions by default, so you need to explicitly include the StartSession middleware for session handling in API routes. Check this post. Commented May 8 at 12:57
  • 9uifranco I include StartSession in the manageSetting group and set the login and manage route to use this middleware, but it's still can't get correct value Commented May 9 at 16:48
  • @hakre I try to log my session value in the userController and middleware, the result is that userController can get the session value faster than the middleware. So, maybe the problem is not the sequence? Commented May 9 at 16:59

1 Answer 1

Reset to default
0

You can use Auth::user(); to retrieve the authenticated user.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

And additionally Auth::check().
That is a choice. But I still can't use session in my project, and I still don't understand why this problem occurs.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.