Laravel4在生产服务器中丢失了会话

时间:2015-12-22 07:30:23

标签: php session-variables laravel-4.2

我正在检查用户是否已登录

Class LoginController extends BaseController {

    public function getIndex(){
        return View::make('login',array('eventname' => Request::segment(1)));
    }

    public function postIndex(){

        $xx = User::where('email','=',Input::get('email'))->where('event','=',$requestedevent)->first();
        $eventattempt = Input::get('event');

        if ($xx){

                if(Auth::attempt($userDetails)){
                    if(Auth::check()){
                        // return var_dump($xx->id);
                        Session::put('username',Auth::user()->name);
                        Session::put('userid',Auth::user()->id);
                        Session::put('event',Auth::user()->event);
                        return Redirect::to($eventattempt.'/form/page1');
                    }
                } else {
                    return Redirect::to($eventattempt.'/login')->with('login_errors',true);
                }

        } else {
            return Redirect::to($eventattempt.'/login')->with('login_errors',true);
        }


    }

}

然后我在Form控制器中做了一个像这样的过滤器

<?php



Class FormController extends BaseController{



    public function __construct(){
        $this->beforeFilter('auth');
        $this->beforeFilter('eventcheck');


    }

  }

我的filters.php看起来像这样     

/*
|--------------------------------------------------------------------------
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/

App::before(function($request)
{
    //
});


App::after(function($request, $response)
{
    //
});

/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/

Route::filter('auth', function()
{
       //dd('ssss');

    if (Auth::guest()){

        if (Request::ajax())
        {
            return Response::make('Unauthorized', 401);
        }
        else
        {
            dd(Session::get('event'));

            return Redirect::guest('login');
        }
    }
});


Route::filter('auth.basic', function()
{
    return Auth::basic();
});


/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/

Route::filter('guest', function()
{
    if (Auth::check()) return Redirect::to('/');
});


/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/

Route::filter('csrf', function()
{
    if (Session::token() != Input::get('_token'))
    {
        throw new Illuminate\Session\TokenMismatchException;
    }
});


Route::filter('eventcheck',function(){

    //dd(Session::get('event'));

    switch(Request::segment(1))
    {
        case 'rescom_summit_bangalore_2016':
            $requestedevent = 'Rescom Summit Bangalore 2016';
            break;
        case 'design_mission_saudi_arabia_2016':
            $requestedevent = 'Design Mission Saudi Arabia 2016';
            break;
        case 'design_mission_north_east_2016':
            $requestedevent = 'Design Mission North East 2016';
            break;
        case 'design_mission_south_west_2016':
            $requestedevent = 'Design Mission South West 2016';
            break;
        case 'design_mission_middle_east_2016':
            $requestedevent = 'Design Mission Middle East 2016';
            break;
        case 'design_mission_south_africa_2016':
            $requestedevent = 'Design Mission South Africa 2016';
            break;
        case 'design_mission_turkey_2016':
            $requestedevent = 'Design Mission Turkey 2016';
            break;
        case 'design_mission_asia_2016':
            $requestedevent = 'Design Mission Asia 2016';
            break;
        case 'design_mission_russia_2016':
            $requestedevent = 'Design Mission Russia 2016';
            break;
        case 'healthscape_series_2016':
            $requestedevent = 'Healthscape Series 2016';
            break;
        case 'hotelier_summit_africa_2016':
            $requestedevent = 'Hotelier Summit Africa 2016';
            break;
        case 'design_mission_middle_east_2016':
            $requestedevent = 'Design Mission Middle East 2016';
            break;
        case 'hotelier_summit_india_0se_2016':
            $requestedevent = 'Hotelier Summit India Ose 2016';
            break; 
        case 'hotelier_summit_india_Ffe_2016':
            $requestedevent = 'Hotelier Summit India Ffe 2016';
            break;

    }

    if ($requestedevent!=Auth::User()->event){
        Auth::logout();
        Session::flush();
        return Redirect::to(Request::segment(1).'/login')->with('login_errors',true);
    }
});

所以我在登录后尝试打印Session::get('event')变量,在我的 Production Server 中显示NULL,但不在我的 本地服务器

任何想法为什么会发生这种情况

更新

我的会话配置看起来像这样

<?php

return array(

    /*
    |--------------------------------------------------------------------------
    | Default Session Driver
    |--------------------------------------------------------------------------
    |
    | This option controls the default session "driver" that will be used on
    | requests. By default, we will use the lightweight native driver but
    | you may specify any of the other wonderful drivers provided here.
    |
    | Supported: "file", "cookie", "database", "apc",
    |            "memcached", "redis", "array"
    |
    */

    'driver' => 'cookie',

    /*
    |--------------------------------------------------------------------------
    | Session Lifetime
    |--------------------------------------------------------------------------
    |
    | Here you may specify the number of minutes that you wish the session
    | to be allowed to remain idle before it expires. If you want them
    | to immediately expire on the browser closing, set that option.
    |
    */

    'lifetime' => 120,

    'expire_on_close' => false,

    /*
    |--------------------------------------------------------------------------
    | Session File Location
    |--------------------------------------------------------------------------
    |
    | When using the native session driver, we need a location where session
    | files may be stored. A default has been set for you but a different
    | location may be specified. This is only needed for file sessions.
    |
    */

    'files' => storage_path().'/sessions',

    /*
    |--------------------------------------------------------------------------
    | Session Database Connection
    |--------------------------------------------------------------------------
    |
    | When using the "database" or "redis" session drivers, you may specify a
    | connection that should be used to manage these sessions. This should
    | correspond to a connection in your database configuration options.
    |
    */

    'connection' => null,

    /*
    |--------------------------------------------------------------------------
    | Session Database Table
    |--------------------------------------------------------------------------
    |
    | When using the "database" session driver, you may specify the table we
    | should use to manage the sessions. Of course, a sensible default is
    | provided for you; however, you are free to change this as needed.
    |
    */

    'table' => 'sessions',

    /*
    |--------------------------------------------------------------------------
    | Session Sweeping Lottery
    |--------------------------------------------------------------------------
    |
    | Some session drivers must manually sweep their storage location to get
    | rid of old sessions from storage. Here are the chances that it will
    | happen on a given request. By default, the odds are 2 out of 100.
    |
    */

    'lottery' => array(2, 100),

    /*
    |--------------------------------------------------------------------------
    | Session Cookie Name
    |--------------------------------------------------------------------------
    |
    | Here you may change the name of the cookie used to identify a session
    | instance by ID. The name specified here will get used every time a
    | new session cookie is created by the framework for every driver.
    |
    */

    'cookie' => 'laravel_session',

    /*
    |--------------------------------------------------------------------------
    | Session Cookie Path
    |--------------------------------------------------------------------------
    |
    | The session cookie path determines the path for which the cookie will
    | be regarded as available. Typically, this will be the root path of
    | your application but you are free to change this when necessary.
    |
    */

    'path' => '/',

    /*
    |--------------------------------------------------------------------------
    | Session Cookie Domain
    |--------------------------------------------------------------------------
    |
    | Here you may change the domain of the cookie used to identify a session
    | in your application. This will determine which domains the cookie is
    | available to in your application. A sensible default has been set.
    |
    */

    'domain' => null,

    /*
    |--------------------------------------------------------------------------
    | HTTPS Only Cookies
    |--------------------------------------------------------------------------
    |
    | By setting this option to true, session cookies will only be sent back
    | to the server if the browser has a HTTPS connection. This will keep
    | the cookie from being sent to you if it can not be done securely.
    |
    */

    'secure' => false,

);

1 个答案:

答案 0 :(得分:0)

可能是这种情况。

来自laravel docs:https://laravel.com/docs/master/routing

  

未放置在Web中间件组中的任何路由都不会   访问会话和CSRF保护,因此请确保所有路由   需要将这些功能放在组内。通常情况下,你会   将您的大部分路线放在此群组中:

Route::group(['middleware' => ['web']], function () {
     //all routes
});

将您的路线放在中间件中,您的问题就会解决。