CODEWITHSUNDEEP
php.netlaravelsession
Mintendo
Mintendo

Reputation: 567

Laravel API expired session

In Laravel 5.4 I created some API on my routes/web.php. These API are called by .NET application.

The first called API is the login, after that, I put in session some data. Before to call other API, I check if the data is in session, but after the first call (login), when I try to call the second one, the session seems to be flushed/expired.

Here my route code:

// API
Route::group(["prefix" => "api"], function() {
    // Login
    Route::post("login", "APIController@login");

    Route::group(["middleware" => "isNotAuthenticatedAPI"], function() {
        Route::group(["middleware" => "loginDBUser"], function() {
            // Importazioni
            Route::group(["prefix" => "importazioni"], function() {

                // Utenti
                Route::post("utenti", "APIController@importCustomers");
                // Attività (Abbonamenti)
                Route::post("attivita", "APIController@importSubscriptions");
                // Iscrizioni
                Route::post("iscrizioni", "APIController@importCustomersSubscriptions");
            });

            // Richieste
            Route::group(["prefix" => "richieste"], function() {
                // Ultima iscrizione
                Route::post("ultima_iscrizione/{subscription_external_id?}", "APIController@getLastCustomerSubscription");
            });
        });
    });
});

Middleware isNotAuthenticatedAPI:

public function handle($request, Closure $next) {
        $res = [
            "result" => null,
            "errors" => [
            ]
        ];

        if (!$request->session()->get("user.api")) {
            $res["result"] = false;
            $res["errors"][] = [
                "code" => APIController::WARNING_SESSION_EXPIRED,
                "message" => trans("api.w_session_expired")
            ];
            return response()->json($res);
        }

        return $next($request);
    }

My config/session.php:

'lifetime' => 120,

    'expire_on_close' => false,

I tried to put the route's code into routes/api.php, but the result doesn't change.

Upvotes: 0

Views: 2385

Answers (2)

Quang Minh
Quang Minh

Reputation: 116

If you want to continue using Session in API, please make sure that the client (your .NET application) store the cookie and include it in later requests.

A simple way to test if your problem is the cookie, try login your api in browser and call other api after that. If everything work well, then it's the cookie problem.

Upvotes: 0

Jackson
Jackson

Reputation: 70

please set property in config/session.php lifetime =value set to increase time out of session or other this option with set middle ware handler set " config('session.lifetime') * 60; // min to hours conversion to solved this issue

Upvotes: 1

Related Questions