Support the ongoing development of →
Configuration Authentication Security
Last updated 2 years ago.

'web' middleware must be applied to all routes where you need sessions, which Auth uses.


Check your login function, i had this problem and resolve with this in my AuthController:

public function Login(Request $request)
        // If the class is using the ThrottlesLogins trait, we can automatically throttle
        // the login attempts for this application. We'll key this by the username and
        // the IP address of the client making these requests into this application.
        $throttles = $this->isUsingThrottlesLoginsTrait();

        if ($throttles && $lockedOut = $this->hasTooManyLoginAttempts($request)) {

            return $this->sendLockoutResponse($request);

        $credentials = ['nm_login' => $request->get('email'), 'password'=>$request->get('password')];

        if (Auth::guard($this->getGuard())->attempt($credentials, $request->has('remember'))) {
            return $this->handleUserWasAuthenticated($request, $throttles);

        // If the login attempt was unsuccessful we will increment the number of attempts
        // to login and redirect the user back to the login form. Of course, when this
        // user surpasses their maximum number of attempts they will get locked out.
        if ($throttles && ! $lockedOut) {

        return $this->sendFailedLoginResponse($request);

I'm use custom login.

Sorry for my english, but i hope you understand

Last updated 8 years ago.

There was something wrong with my barryvdh/laravel-ide-helper. I had to start over with a fresh laravel install and copy/paste my code. Everything is fine now.

Thanks anyway.


Sign in to participate in this thread!


Your banner here too?

lexidata lexidata Joined 22 Mar 2016


We'd like to thank these amazing companies for supporting us

Your logo here?

The Laravel portal for problem solving, knowledge sharing and community building.

© 2024 - All rights reserved.