Upgrading from Laravel 5.1.17 to 5.2. My config/auth.php originally contained:
'driver' => 'eloquent',
'model' => 'Project\User',
'table' => 'users',
New file is the same as the default, except with the updated namespace.
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => Project\User::class,
],
],
My env SESSION_DRIVER is redis. I did not clear anything from Redis. (Note, this also happened in my other projects where driver was file, but I didn't care about it as much for them.)
I have two branches, L5.2 and master (which is on 5.1.17). After switching branches, I simply run composer install
If I login on master, then switch to L5.2, I am logged out
If I switch back to master, I am logged back in
If I login on L5.2, then switch to master, I stay logged in
If I switch back to L5.2, I stay logged in
I'm hesitant to upgrade if it's going to invalidate all of my users' sessions and force them to login again. Is there a way to avoid this?
The only other files that were modified were composer.json, composer.lock, app/Exceptions/Handler.php, and config/app.php; nothing that touched Auth.
I figured out what is causing the session to be invalidated. The problem is the session guard's getName() method.
In 5.1.17:
return 'login_'.md5(get_class($this));
In 5.2 ($this->name would be web by default):
return 'login_'.$this->name.'_'.sha1(get_class($this));
Also, the class name itself changes from Guard to SessionGuard
If I replace this method with:
return 'login_'.md5('Illuminate\Auth\Guard');
That keeps my sessions logged in.
This is progress but not a complete solution yet. The real solution is to update all of your existing sessions with the new name. I'll work on a script to complete this and then update my answer.
That you should do is open app/Http/routes.php
and wrap all your existing routes with:
Route::group(['middleware' => ['web']], function () {
// here your previous routes
});
EDIT
After testing I can confirm this behaviour.
In those cases:
5.1.17 -> 5.2
5.1.23 -> 5.2
5.1.28 -> 5.2.*
after upgrade to 5.2 User seems not be logged anymore. When going in versions in 5.1 branch user stays logged. When going back from 5.2 to 5.1 user is logged again.
At the moment you should probably create issue here https://github.com/laravel/framework/issues and wait for response
EDIT2
It seems it's official and expected behaviour because to upgrade guide has been added:
Because of changes to the authentication system, any existing sessions will be invalidated when you upgrade to Laravel 5.2.
Related
I have multiple disks set up within config/filesystems.php like so: I have recently added 'mealimages'.
'menus' => [
'driver' => 'local',
'root' => storage_path('app/menus'),
'url' => env('APP_URL').'/menu-store',
'visibility' => 'private',
],
'mealimages' => [
'driver' => 'local',
'root' => storage_path('app/meal-images'),
'url' => env('APP_URL').'/meal-images-store',
'visibility' => 'public',
],
I'm using laravel media library to handle my image uploads, in my model, I have configured the collection to use the mealimages disk like:
$this->addMediaCollection('meal-image')->useDisk('mealimages')->singleFile();
I have flushed application cache by running php artisan optimize:clear, tried deleting my /public/storage directory and re-ran php artisan storage:link to try and get the images to show once they have been uploaded. I can confirm that the images are being stored correctly within my storage directly but the URL generated by laravel media library for the image returns 404.
I have also tried updating the visibility but no luck.
I am able to get the functionality and image uploads working correctly and showing if I update the ->useDisk() on the model to use the 'menus' disk.
$this->addMediaCollection('meal-image')->useDisk('menus')->singleFile();
I'm struggling to figure out why its working for the menus disk but not my mealimages disk? What I am missing in order to set up a new filesystem to use?
Any help would be great? Thanks
So my problem is that I installed Sanctum to my Laravel project and trying to use it on web routes in web.php. But when I logged in and trying to reach the location the site redirect me back to the main page and I don't know why this happens. The site should redirect me back when I'm not logged in.
Route::get('/support', function () {
return view('support');
})->middleware("auth:sanctum");
This is the code which I'm using in the web.php file. I think that the middleware somehow doesn't get the user loginToken which is created after the login, but I don't know where to fix it.
Have you added gurds for web,
config/Sanctum.php
/*
|--------------------------------------------------------------------------
| Sanctum Guards
|--------------------------------------------------------------------------
*/
'guard' => ['web','api'],
In auth.php file change guard from web to sanctum like this:
'defaults' => [
//'guard' => 'web',
'guard' => 'sanctum',
'passwords' => 'users',
],
Then you can apply ->middleware("auth:sanctum") on all routes.
I want to create a collaborative text editor app and came across this tutorial. I accessed the repository on github and followed all the steps from the README file to install and use the app. Also, in the tutorial, after I created the app on Pusher, I checked the "Enable client events" option on the App Settings tab.
However, when I type anything in the note textfield, the two following errors appear on the browser's console:
1)
Pusher : Error : {"type":"WebSocketError","error":"type":"PusherError","data":
{"code":null,"message":"Invalid key in subscription auth data:
'xxxxxxxxxxxx'"}}}
2)
Pusher : Error : {"type":"WebSocketError","error":
{"type":"PusherError","data":{"code":null,"message":"Cannot broadcast
client event (connection not subscribed to channel presence-note.note-
test-for-pusherqjvQbgt4s9)"}}}
The second error happens when I type something and the first one right when I load the page. I presume the second one is happening because of the first one.
This is my broadcasting.php file:
'connections' => [
'pusher' => [
'driver' => 'pusher',
'key' => env('PUSHER_APP_KEY'),
'secret' => env('PUSHER_APP_SECRET'),
'app_id' => env('PUSHER_APP_ID'),
'options' => [
//
'cluster' => 'us2',
'encrypted' => true
],
],
'redis' => [
'driver' => 'redis',
'connection' => 'default',
],
'log' => [
'driver' => 'log',
],
'null' => [
'driver' => 'null',
],
],
The values set in the env file I get from the app keys on my Pusher account. I've already double checked if the values are set correctly and it seems to be fine.
I appreciate any help. Thanks in advance
The first client side error suggests your auth endpoint isn't sending a valid response to the client, and Pusher can't validate it. Have you specified exactly the same credentials in your server as in your client? Especially the specification of the cluster.
The second client side error you're getting suggests that your client hasn't actually subscribed to the channel, which would mean that client events wouldn't work.
Double check your client side code to make sure it is actually subscribing to the channel in question. Also, double check the app settings in your Pusher dashboard to ensure client events are enabled.
Perhaps it would be helpful to enable logging on your client side Pusher object. See https://github.com/pusher/pusher-js#global-configuration
We've had the same issue and solved it for Laravel + Vue.
The problem was that the front-end developer is using another Pusher account for local development and he is sending compiled front-end files to git repo.
So, when I get the compiled js files, Echo is created with different credentials than mine because in my .env file there are my Pusher channel credentials.
Solution: npm run dev on my machine. (So that it compiles the js files and Echo will be created with my .env Pusher credentials)
P.S. This solution affirms answer of #kn100
Following steps work for me
Check your app keys at server and client side
run php artisan config:cache
run ``php artisan optimize:clear`
run composer dump-autoload
Restart your IDE
Test your app
I'm using a Laravel 4.1 app on Apache, and everything is working fine on my local dev machine, but on my staging machine (which is on a shared host) users are randomly getting logged out and prompted to enter their credentials again.
The relevant settings:
app/config/session.php:
<?php
return array(
'driver' => 'file',
'lifetime' => 120,
'expire_on_close' => true,
'files' => storage_path().'/sessions',
'connection' => null,
'table' => 'sessions',
'lottery' => array(2, 100),
'cookie' => 'laravel_session',
'path' => '/',
'domain' => null,
'secure' => false,
);
using Laravel's default authentication driver
php.ini:
gc_maxlifetime=1440
gc_probability=1
gc_divisor=100
This does not seem to be the same as the issue some others have experienced here. The session file is not getting cleared by php. Just a few of the session variables are getting dropped randomly.
I tail -F'd the session file and could see when the variables are getting dropped between one request and the next. It looks like this (formatted for easier reading) before:
a:4:{
s:5:"flash";a:2:{s:3:"old";a:0:{}s:3:"new";a:0:{}}
s:6:"_token";s:40:"hvuw9VWWjssSwUL2C5eVSn0qZ2g1cwVF5YCEsLG7";
s:38:"login_82e5d2c56bdd0811318f0cf078b78bfc";i:2;
s:9:"_sf2_meta";a:3:{s:1:"u";i:1399318721;s:1:"c";i:1399318011;s:1:"l";s:1:"0";}}
and after:
a:3:{
s:6:"_token";s:40:"7o3b6NhiuDKXq4ftvngUefqe6cWybX1tzPEcDaxk";
s:9:"_sf2_meta";a:3:{s:1:"u";i:1399318721;s:1:"c";i:1399318721;s:1:"l";s:1:"0";}
s:5:"flash";a:2:{s:3:"old";a:0:{}s:3:"new";a:0:{}}}
The login_ session is gone, which results in Laravel's Session class assuming the user is not authenticated. I am not sure why this session variable is getting dropped, though. None of Session::forget, ::clear(), ::remove() or ::invalidate() are being called on the login session variable as far as I can tell.
I also noticed that the _token variable is constant between requests until the moment when the issue arises at which point it changes, as you can see above.
Any idea what's going on here?
Switching to the database session manager seems to have solved the problem. I suspect that there was some way on my host server configuration that php was wiping out the session files.
I have a CakePHP 2.x site I'm working on which performs as intended locally. Login works, session flash messages work, etc. When I push the code to my staging/prod server it's breaking.
Logins no longer work, no session flash messages appear, some controller actions that should be redirecting to /user/login are displaying nothing (empty document), etc.
I'm at a loss as to what the problem would be. Based on the issues I'm experiencing and some searching I've done I believe I've ruled out problems like whitespace after the closing ?> in a code-only PHP file (controllers). I'm using DB sessions, and I see session records being created in the DB on my local instance, but not on the remote staging/prod instance.
Any assistance would be much appreciated. Thanks.
In you app/Config/core.php check out these thing.
If you are using SSL and non-SSL based protocols, make sure you have cookie_secure set as false.
Configure::write('Session', array(
'defaults' => 'php',
'ini' => array(
'session.cookie_secure' => false
)
));
Try changing Session's configuration from php defaults to cake or db as
Configure::write('Session', array(
'defaults' => 'php', // change 'php' to 'cake' or 'database'
'cookie' => 'my_app',
'timeout' => 4320 //3 days
));
Also try setting Session.checkAgent to false, just for once to ensure if it is a browser issue.
Try changing Session.name of your session, it defaults to 'CAKEPHP'
Configure::write('Session', array(
'name' => 'New-Session-name'
'defaults' => 'php', // change 'php' to 'cake' or 'database'
'cookie' => 'my_app',
'timeout' => 4320 //3 days
));
Remove all cache files from all sub-directories of /app/tmp
Set debug level higher to 1, to do cache refresh. If you still don't see an error, try setting error_reporting to true in php.ini. (Although, this one is very obvious I am still pointing it out in case you might have missed it out)
Hope this helps
One of the recommendations I came across frequently was to ensure that there was no whitespace after the closing PHP tag in a code-only file (or preferably to not actually have a closing PHP tag). Checking all my files showed that to be the case. Somehow, however, I managed to put a single line break before the opening PHP tag in AppController.php and that was the issue. My apologies to anyone who wasted time on this. I just hope this helps someone in the future who clumsily makes the same mistake.