Session not always working over HTTPS

Question

I have a website served over https. We added a simple functionality to a fully functional website, which uses sessions. Everything works great...except the single little session call.

Route::get('/mode/switch', 'ProductController@switch')->name('products.list.mode'); // AJAX call


 public function switch(Request $request)
 {
     session()->put('list_mode', $request->input('mode') ?? 'grid');
     return response()->json(['success'=>true])->setStatusCode(202);
 }
[...] echo session()->get('list_mode'); // null

If I try to echo the session after setting it, everything is great (as is expected). However, when I refresh the page, the session's value is null. But sessions are used elsewhere in the site, in the same page, and are working just fine.

The relevant configs:

['secure'=>true, 'http_only'=>false, 'encrypt'=>true]

It also works fine on an non-https environment (with all config set to "non-secure"). However, for the life of me, I can't figure out why only this value is not set properly.

Thanks

try this: use Illuminate\Support\Facades\Session; Session::put('list_mode', $request->input('mode') ?? 'grid'); if(Session::has('list_mode')){ Session::get('list_mode'); } — Salman Zafar, Jul 16 '18 at 22:45
@apokryfos No it is a route in the web.php file with the session middleware. — user1453870, Jul 16 '18 at 22:57
It shouldn't work in non-https if you have secure set to true. — Devon, Jul 17 '18 at 01:21
@Devon Indeed, I wasn't clear enough, it works on a non-https environment with the configurations set to "non-secure". I edited to add clarity — user1453870, Jul 17 '18 at 12:58
@user1453870 which session store are you using? Are CSRF tokens working? You can see my answer here if not which deals with various session issues: https://stackoverflow.com/questions/46141705/the-page-has-expired-due-to-inactivity-laravel-5-5/46141940#46141940 — Devon, Jul 17 '18 at 13:10

Session not always working over HTTPS

0 Answers0