Log user back in with remember me with Laravel 5

Question

I have it setup so that onced logged in, the remember me is set to true with Auth::attempt([$u, $p], true);

But the session expires after 2 hours of no activity. So the user becomes logged out.

The documenation was very clear, how does the remember me work if the user is logged out after 2 hours? Am I supposed to check if the remember me cookie exists and log the user in?

Thanks

Answer 1

If your users table has a remember_token column and you are using a code like the following (as you do) the user gets remembered

if (Auth::attempt(['email' => $email, 'password' => $password], $remember)) {
    // The user is being remembered...
}

This is not dependent on the session because it sets a cookie like the following:

Name:   remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989a
Value   :eyJpdiI6IkRpTE9zU3ZTZElQMzJrVWFkUUR3N2c9PSIsInZhbHVlIjoieGs4T3JkN3c3UmdaMzFOTkhiWmRnWXNPN0x2S09cL0VJYmg1SlFRSFVnYWo2Rk04dlBoOFpEa256RlwvTFRNczhSQytPS3VJc3QyaUU4Und4QUNmdk1xZFQ2UWNFUkN4VzZPWCtGTEl0MUxwUT0iLCJtYWMiOiIwMDQ5NjgzNzUxZTc3MzUxMzcxNzQ1ZjIxYzgyOTY5MzBkZjRiZmYzYTNiNGFiODc4ZGQ1YzczNzhkMjUxMGUyIn0%3D
Host    : www.example.com
Path    /
Expires Sun, 19 Sep 2021 11:48:54 GMT
Secure  No
HttpOnly    Yes

This means the user is logged in for 5 years from now.

Answer 2

By default laravel session life time is set to 120 min you can cofigure it from config/session.php - lifetime.

If the user checked remeber me for an application, Laravel will queue a permanent cookie that contains the encrypted copy of the user identifier. Laravel will then decrypt this later to retrieve the users.