Session driver is set to database currently. Now I want to disable session for some route. I am using laravel 7 in my project. What is the best way to disable the session?
I have tried: in StartSession.php file: \Config::set('session.driver', 'array');
Seems like it doesn't work for me, is there any better way?
Trying to modify code in files within vendor directory is not a good practice as it will get overridden whenever the package is updated.
If you want to remove a middleware from a specific route you can use withoutMiddleware
Route::get('/some-endpoint', function () {
//
})->withoutMiddleware([StartSession::class]);
Laravel Docs - Middleware - Excluding Middleware
Related
im using a package called https://github.com/garygreen/pretty-routes
there is line in its service provider boot() method (here the code)
it is defining a get route with middlewares from its config file(link to the code) I just added 'auth:web' to its config file but it seems the 'auth:web' middleware is called as soon as code reaches the line before Laravel bootstraps its session and etc. when the auth('web')->user() is yet null
What I can not understand is that I do the same exact thing (here the code)with laravel/telescope but it works. why ???
also changing :
Route::get(config('pretty-routes.url'), 'PrettyRoutes\PrettyRoutesController#show')
->name('pretty-routes.show')
->middleware(config('pretty-routes.middlewares'));
to :
$this->app['router']->get(config('pretty-routes.url'), 'PrettyRoutes\PrettyRoutesController#show')
->name('pretty-routes.show')
->middleware(config('pretty-routes.middlewares'));
in service provider seems to solve the problem and make this code behave like the way telescope package use 'auth:web' as middleware.
what's happening ?
You need to have the web middleware applied to any routes you need sessions for, which is what the default authentication system is using. When you apply the auth middleware without this it can't possibly resolve a user since there is no session to be authenticated against.
You need to apply the web middleware and then what ever other middleware you want:
'middlewares' => [
'web', 'auth:web',
],
If you look at the telescope example you provided you will see they also add the web middleware. So you didn't quite "do the same exact thing" as the telescope config.
By default laravel is huge.
Its a way to clean up only needed depencies?
For sample, when i'm installing laravel, some default configs are provided. I dont need the API Routes or other, when i'm using the normal web-routes.
If you want to don't want to load API route you can simply comment out this line in RouteServiceProvider
public function map()
{
$this->mapApiRoutes(); //comment this line
$this->mapWebRoutes();
//
}
Hope this helps.
To make Laravel leaner, another good approach is to have a look on your ServiceProviders, which are loaded in config/app.php. Just deactivate all ServiceProvider you don't need and test your application.
ServiceProviders can also be loaded from packages. So take also attention to loaded packages through your composer.json.
I want to use GraphQL in Laravel,I chose the package laravel-graphql ,my question is:
How to use Passport of Laravel for Authentication when using laravel-graphql?
I haven't used the package myself before, but from looking at the code I would say you can add a middleware in the configuration file config/graphql.php that performs the authentication and/or permission check:
/*
* Any middleware for the 'graphql' route group
*/
'middleware' => ['auth:api'], // or 'auth' for normal authentication
If this doesn't work for you, there is also the possibility to override the controller used by the package. The configuration for this is also in the same configuration file. You could for example extend the existing controller to achieve what you want. Or you write an entirely new one.
at first you have to install laravel passport step by step after install passport then you have to use
#middleware(checks:["auth:api"])
in schema.graphql file
I have two (but let's image more) micro-services (API) which need to be aware of authenticated user. Ideally I would simple like to resume their sessions.
All micro-services are using same storage for sessions: redis.
All API calls will have Cookie header, so all services will be able to resume sessions based on that cookie. I have successfully implemented this via PHP $_SESSIONs.
Now the question: how would you go about implementing this with Laravel/Lumen?
Last update on 5th of March 2021
(This answer was getting a lot of attention from Laravel community so I thought of updating it.)
Laravel has officially stopped supporting sessions & views in laravel/lumen framework from version 5.2 and on wards.
But laravel still have a component illuminate/session which can be installed in lumen/framework and we can play around with this.
Step - 1
install illuminate/session using
composer require illuminate/session
Step - 2
Now goto bootstrap/app.php and add this middleware
$app->middleware([
\Illuminate\Session\Middleware\StartSession::class,
]);
Purpose of adding the above middleware is to start session on every request and save session before serving response.
Step - 3
Now add config/session.php, since it is not present in Lumen by default. You can take session.php from Laravel official repo.
Step - 4
Create framework session storage directory by
mkdir -p storage/framework/sessions
Thanks to DayDream
Step - 5
In bootstrap/app.php add bindings for \Illuminate\Session\SessionManager
$app->singleton(Illuminate\Session\SessionManager::class, function () use ($app) {
return $app->loadComponent('session', Illuminate\Session\SessionServiceProvider::class, 'session');
});
$app->singleton('session.store', function () use ($app) {
return $app->loadComponent('session', Illuminate\Session\SessionServiceProvider::class, 'session.store');
});
Thanks to #xxRockOnxx for finding loadComponent method.
It takes 3 arguments,
first one is config file name. (file should be present in config/ directory)
second is ServiceProvider FQN
third is return of this method.
loadComponent just calls the $app->register and inject $app while building the ServiceProvider
How to Use
// Save Session
$router->get('/', function (\Illuminate\Http\Request $request) {
$request->session()->put('name', 'Lumen-Session');
return response()->json([
'session.name' => $request->session()->get('name')
]);
});
// Test session
$router->get('/session', function (\Illuminate\Http\Request $request) {
return response()->json([
'session.name' => $request->session()->get('name'),
]);
});
I've also added example over github supporting from lumen framework v5.6 to all the way to current version v8.0.
https://github.com/rummykhan/lumen-session-example
It is important to that you also use $request->session(), otherwise it will not work.
I tried the solution mentioned above, however, it's also required to create a folder storage/framework/sessions if using the default settings.
The accepted answer is outdated.
I answered and explained a bit how to properly do it in my answer on this question
I also posted what is the problem on my question at Laracasts
To quote:
the solution that is found in the link you gave is that, first it tells you to manually register the SessionManager to prevent the unresolvable depedency parameter #0 $app then also register the existing SessionServiceProvider which also binds another instance SessionManager.
Problem with that is, some components use the other instance and other parts use the new one which causes my auth attempt session not being save despite actually being put inside.
I am new to Laravel and learning just basic stuff. I am trying to create a new Route to create a user into database. So I created a Route like this -
Route::get('users/"create"', 'PagesController#create');
But I also have one Route for users trying to access their profile-
Route::get('users/{username}', 'PagesController#show');
Now when I try to access users/create it redirect me to show method instead of create method in controller. I am guessing this is because of generic nature of users/{username}. So my question is how to deal with such situation.
The order that you define routes is important. If you define your routes like this - in this order, it will work.
Route::get('users/create', 'PagesController#create');
Route::get('users/{username}', 'PagesController#show');
Note - I noticed you used 'users/"create"' - that is an error - it should be 'users/create' like in my example.
p.s. make sure you dont allow a user with the username called 'create' - or they will never be able to get to their profile page.