How to solve auto logout problem in Laravel

Question

I have two projects running in the same shared hosting (Namecheap Reseller hosting), have SSH access. Laravel version is 5.4. In both projects, using database driver for session and cache. I have changed the cookie name for both projects. But I am facing two serious problems.

It automatically logged out authenticated users after a few minutes.
There is a blog part of it. If an authenticated user posts something, it showing another authenticated user posted it.

session.php (thefinancialexpress.com.bd)

<?php

return [

    'driver' => env('SESSION_DRIVER', 'file'),

    'lifetime' => 120,

    'expire_on_close' => false,

    'encrypt' => false,

    'files' => storage_path('framework/sessions'),

    'connection' => null,

    'table' => 'sessions',

    'store' => null,

    'lottery' => [2, 100],

    'cookie' => 'fe_online',

    'path' => '/',

    'domain' => env('SESSION_DOMAIN', null),

    'secure' => env('SESSION_SECURE_COOKIE', false),

    'http_only' => true,
];

.env (thefinancialexpress.com.bd)

BROADCAST_DRIVER=log
CACHE_DRIVER=database
SESSION_SECURE_COOKIE=true
SESSION_DRIVER=database
QUEUE_DRIVER=sync

session.php (today.thefinancialexpress.com.bd)

<?php

return [

    'driver' => env('SESSION_DRIVER', 'file'),

    'lifetime' => 120,

    'expire_on_close' => false,

    'encrypt' => false,

    'files' => storage_path('framework/sessions'),

    'connection' => null,

    'table' => 'sessions',

    'store' => null,

    'lottery' => [2, 100],

    'cookie' => 'laravel_session',

    'path' => '/',

    'domain' => env('SESSION_DOMAIN', null),

    'secure' => env('SESSION_SECURE_COOKIE', false),

    'http_only' => true,

];

.env (today.thefinancialexpress.com.bd)

CACHE_DRIVER=database
SESSION_DRIVER=database
QUEUE_DRIVER=sync

Please help me to solve this problem.

Thanks & Regards

@EliyasHossain Please inspect the session cookie in your browser to verify that they are on each their domain. If the one for the main domain looks like this ".maindomain.com" it will also work for the subdomain, which you don't want. Probably both have that value. — xyz, May 20 '20 at 07:27
In that case you can change it with the config variable session.php -> domain — xyz, May 20 '20 at 07:28
@xyz please check cookie for main domain: https://imgur.com/BfugKJA And for subdomain: https://imgur.com/DnZe93y — Eliyas Hossain, May 20 '20 at 12:22
@EliyasHossain You can read more about shared cookies between main and subdomains here: https://stackoverflow.com/a/23086139/1732359 — xyz, May 22 '20 at 17:04

score 0 · Answer 1 · answered Jan 04 '21 at 17:42

0

In your config/session.php you can increase the lifetime, Eliya in your .env file set SESSION_LIFETIME to a higher number as per your requirement.

'lifetime' => env('SESSION_LIFETIME', 120), //120 minutes

'expire_on_close' => false,

answered Jan 04 '21 at 17:42

Shahzeb Ahmed

27
2

How to solve auto logout problem in Laravel

1 Answers1