Laravel 5.2 Session values not persisting even when web middleware is used

Question

I've got a Laravel 5.2 project that I'm using as a mock API for a javascript client I'm building out. The mock API functionality will be replaced with a different Laravel project later. For now, I just need to be able to submit API calls and get expected responses.

In my mock API I'm storing the authentication status in the session.

The problem I'm running into is that the values I put into the session are not persisting between http calls.

This seemed similar to a different stackoverflow post I found, but the thing is I'm already using the web middleware for my API group.

I thought it may be a permissions on my storage folder (I'm using the default file session driver), vagrant is the owner and has write access:

Plus if it was a permissions issue I would think it would generate a runtime error.

Is there something else I'm missing?

EDIT

Here's the contents of Config::get('session'):

And yep, the StartSession class is included in the web middleware group:

Here's a shot of the browser session cookie vs the session file being created on the web server:

Here's the content of the request:

Answer 1

I have the same Issue on 5.2

I found out that sessions work if i register the routes and the middleware within a group

Route::group(['middleware' => ['web']], function () {
    Route::get('aktuell', "SeitenController@getAktuell");
    # other routes ... 
});

But not if i assign the middleware in the Controllers constructor

function __construct()
{
    $this->middleware('web');
}

(which is my preffered way..)

works though by saving session explicitly via

$request->session()->put("test3",time()."-anna");
$request->session()->save();

Answer 2

I experienced the same problem but none of the other answers helped me. For me the Illuminate\Session\Middleware\StartSession class was always called as it had to be, so I knew the web middleware was called.

When googeling on the problem I came accross the following thread where Taylor Otwell mentioned you have to use the Session::save() after setting the session variable. Using this worked for me, but I still don't know the reason why this solved the problem.

Answer 3

This is because of a change that was made to the Laravel that all routes by default are part of the "web" middleware, so assigning it again in your routes.php file ends up assigning it twice.

The solution is either to remove the "web" middleware from your routes OR remove the automatic assignment from the RouteServiceProvider.

Before the Laravel update:

  // /app/Providers/RouteServiceProvider.php
$router->group(['namespace' => $this->namespace], function ($router) {
    require app_path('Http/routes.php');
});

After the Laravel update:

// /app/Providers/RouteServiceProvider.php
$router->group([
    'namespace' => $this->namespace, 'middleware' => 'web',
], function ($router) {
    require app_path('Http/routes.php');
});

Notice how the new update automatically applies the "web" middleware to all routes. Simply remove it here if you wish to continue using Laravel 5.2 as you have before (manually assigning "web" middleware in your routes.php).

Answer 4

One thing that did the trick for me was to make sure that domain in config/session.php is set to null.

Answer 5

I had the same issue and was able to get it to work by replacing

Route::group(['middleware' => ['web']], function () {
   ...
});

with

Route::group(['middlewareGroups' => ['web']], function () {
   ...
});

No idea why this works though when all the documentation suggests that we use ['middleware' => ['web']]