Login/Register
Session is being lost in Laravel4 in production server
Asked Answered
phpsession-variableslaravel-4.2
L

1

7

I am checking if the user logged in or not like this 

Class LoginController extends BaseController {

    public function getIndex(){
        return View::make('login',array('eventname' => Request::segment(1)));
    }

    public function postIndex(){

        $xx = User::where('email','=',Input::get('email'))->where('event','=',$requestedevent)->first();
        $eventattempt = Input::get('event');

        if ($xx){

                if(Auth::attempt($userDetails)){
                    if(Auth::check()){
                        // return var_dump($xx->id);
                        Session::put('username',Auth::user()->name);
                        Session::put('userid',Auth::user()->id);
                        Session::put('event',Auth::user()->event);
                        return Redirect::to($eventattempt.'/form/page1');
                    }
                } else {
                    return Redirect::to($eventattempt.'/login')->with('login_errors',true);
                }

        } else {
            return Redirect::to($eventattempt.'/login')->with('login_errors',true);
        }


    }

}

Then I am doing a filter in the Form controller like this 

<?php



Class FormController extends BaseController{



    public function __construct(){
        $this->beforeFilter('auth');
        $this->beforeFilter('eventcheck');


    }

  }

And My filters.php looks like this 

/*
|--------------------------------------------------------------------------
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/

App::before(function($request)
{
    //
});


App::after(function($request, $response)
{
    //
});

/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/

Route::filter('auth', function()
{
       //dd('ssss');

    if (Auth::guest()){

        if (Request::ajax())
        {
            return Response::make('Unauthorized', 401);
        }
        else
        {
            dd(Session::get('event'));

            return Redirect::guest('login');
        }
    }
});


Route::filter('auth.basic', function()
{
    return Auth::basic();
});


/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/

Route::filter('guest', function()
{
    if (Auth::check()) return Redirect::to('/');
});


/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/

Route::filter('csrf', function()
{
    if (Session::token() != Input::get('_token'))
    {
        throw new Illuminate\Session\TokenMismatchException;
    }
});


Route::filter('eventcheck',function(){

    //dd(Session::get('event'));

    switch(Request::segment(1))
    {
        case 'rescom_summit_bangalore_2016':
            $requestedevent = 'Rescom Summit Bangalore 2016';
            break;
        case 'design_mission_saudi_arabia_2016':
            $requestedevent = 'Design Mission Saudi Arabia 2016';
            break;
        case 'design_mission_north_east_2016':
            $requestedevent = 'Design Mission North East 2016';
            break;
        case 'design_mission_south_west_2016':
            $requestedevent = 'Design Mission South West 2016';
            break;
        case 'design_mission_middle_east_2016':
            $requestedevent = 'Design Mission Middle East 2016';
            break;
        case 'design_mission_south_africa_2016':
            $requestedevent = 'Design Mission South Africa 2016';
            break;
        case 'design_mission_turkey_2016':
            $requestedevent = 'Design Mission Turkey 2016';
            break;
        case 'design_mission_asia_2016':
            $requestedevent = 'Design Mission Asia 2016';
            break;
        case 'design_mission_russia_2016':
            $requestedevent = 'Design Mission Russia 2016';
            break;
        case 'healthscape_series_2016':
            $requestedevent = 'Healthscape Series 2016';
            break;
        case 'hotelier_summit_africa_2016':
            $requestedevent = 'Hotelier Summit Africa 2016';
            break;
        case 'design_mission_middle_east_2016':
            $requestedevent = 'Design Mission Middle East 2016';
            break;
        case 'hotelier_summit_india_0se_2016':
            $requestedevent = 'Hotelier Summit India Ose 2016';
            break; 
        case 'hotelier_summit_india_Ffe_2016':
            $requestedevent = 'Hotelier Summit India Ffe 2016';
            break;

    }

    if ($requestedevent!=Auth::User()->event){
        Auth::logout();
        Session::flush();
        return Redirect::to(Request::segment(1).'/login')->with('login_errors',true);
    }
});

So I after login when I trying to print the Session::get('event') variable its showing NULL in my Production Server , But not in my Local Server

Any Idea why is this happening

UPDATE

my session config looks like this 

<?php

return array(

    /*
    |--------------------------------------------------------------------------
    | Default Session Driver
    |--------------------------------------------------------------------------
    |
    | This option controls the default session "driver" that will be used on
    | requests. By default, we will use the lightweight native driver but
    | you may specify any of the other wonderful drivers provided here.
    |
    | Supported: "file", "cookie", "database", "apc",
    |            "memcached", "redis", "array"
    |
    */

    'driver' => 'cookie',

    /*
    |--------------------------------------------------------------------------
    | Session Lifetime
    |--------------------------------------------------------------------------
    |
    | Here you may specify the number of minutes that you wish the session
    | to be allowed to remain idle before it expires. If you want them
    | to immediately expire on the browser closing, set that option.
    |
    */

    'lifetime' => 120,

    'expire_on_close' => false,

    /*
    |--------------------------------------------------------------------------
    | Session File Location
    |--------------------------------------------------------------------------
    |
    | When using the native session driver, we need a location where session
    | files may be stored. A default has been set for you but a different
    | location may be specified. This is only needed for file sessions.
    |
    */

    'files' => storage_path().'/sessions',

    /*
    |--------------------------------------------------------------------------
    | Session Database Connection
    |--------------------------------------------------------------------------
    |
    | When using the "database" or "redis" session drivers, you may specify a
    | connection that should be used to manage these sessions. This should
    | correspond to a connection in your database configuration options.
    |
    */

    'connection' => null,

    /*
    |--------------------------------------------------------------------------
    | Session Database Table
    |--------------------------------------------------------------------------
    |
    | When using the "database" session driver, you may specify the table we
    | should use to manage the sessions. Of course, a sensible default is
    | provided for you; however, you are free to change this as needed.
    |
    */

    'table' => 'sessions',

    /*
    |--------------------------------------------------------------------------
    | Session Sweeping Lottery
    |--------------------------------------------------------------------------
    |
    | Some session drivers must manually sweep their storage location to get
    | rid of old sessions from storage. Here are the chances that it will
    | happen on a given request. By default, the odds are 2 out of 100.
    |
    */

    'lottery' => array(2, 100),

    /*
    |--------------------------------------------------------------------------
    | Session Cookie Name
    |--------------------------------------------------------------------------
    |
    | Here you may change the name of the cookie used to identify a session
    | instance by ID. The name specified here will get used every time a
    | new session cookie is created by the framework for every driver.
    |
    */

    'cookie' => 'laravel_session',

    /*
    |--------------------------------------------------------------------------
    | Session Cookie Path
    |--------------------------------------------------------------------------
    |
    | The session cookie path determines the path for which the cookie will
    | be regarded as available. Typically, this will be the root path of
    | your application but you are free to change this when necessary.
    |
    */

    'path' => '/',

    /*
    |--------------------------------------------------------------------------
    | Session Cookie Domain
    |--------------------------------------------------------------------------
    |
    | Here you may change the domain of the cookie used to identify a session
    | in your application. This will determine which domains the cookie is
    | available to in your application. A sensible default has been set.
    |
    */

    'domain' => null,

    /*
    |--------------------------------------------------------------------------
    | HTTPS Only Cookies
    |--------------------------------------------------------------------------
    |
    | By setting this option to true, session cookies will only be sent back
    | to the server if the browser has a HTTPS connection. This will keep
    | the cookie from being sent to you if it can not be done securely.
    |
    */

    'secure' => false,

);
Lesialesion answered 22/12, 2015 at 7:30 Comment(10)
I have same issue, but not on godaddy. Try change session config from file to cookie.Franciscka
make sure that app/storage/sessions has write permissions.. @KollleY I don't think that's a good idea..Eugenol
@MateiMihai yes it has write permissionLesialesion
@Franciscka where to change it ??Lesialesion
@Vikram, in config/session.phpFranciscka
@Franciscka still the same problem :(Lesialesion
try set 'domain' => null, to your real domainFranciscka
@Franciscka still not workingLesialesion
My problem was solved by cookie and domain set, so, I dont know, what you can do. (Franciscka
Let us continue this discussion in chat.Lesialesion
B
0

This might be the case.

From laravel docs : https://laravel.com/docs/master/routing

Any routes not placed within the web middleware group will not have access to sessions and CSRF protection, so make sure any routes that need these features are placed within the group. Typically, you will place most of your routes within this group:

Route::group(['middleware' => ['web']], function () {
     //all routes
});

Put your routes inside middleware and your problem will solve.

Butcher answered 3/2, 2016 at 5:25 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.