I have the same question, because my database column remember_token is always empty...

It is set by Laravel itself, when you set to remember the user. And is regenerated on logging out.

But after i logged in with remember true, the database column is empty. I think the column should be filled with a token, or i misunderstood anything?

No it should be set. Did you follow the upgrade guide to 4.1.26? http://laravel.com/docs/upgrade#upgrade-4.1.26

Yep, and the column remember_token is nullable. My login works fine but the token never gets updated if i login with remember = true.

Hmm...

I think there is a problem because i'm using Ardent to validate my User model. (User extends Ardent) Laravel's core functions use the save() method to update the remember_token which will fail because the model is invalid.

Anyone who has the same problem? Is there any workaround?

Here is my workaround when using Ardent to validate my User model.

I just added

User::$rules = array();

to overwrite my validation rules before Auth::attempt()

This hack does seem to work but remember to include it before auth::logout or it will not change the token

From what i found the issue is the save in the eloquent user provider. How would i go about extending this

I figured out a little better of a method then statically overriding validation rules. This is my first foray into extension so please excuse me if its not refined.

Step 1: Create a class to extend Eloquent User Provider

example:

<?php namespace Irony\Auth; use \Illuminate\Auth\EloquentUserProvider; class ArdentEloquentUserProvider extends EloquentUserProvider { /** * @param \Illuminate\Auth\UserInterface $user * @param string $token */ public function updateRememberToken(\Illuminate\Auth\UserInterface $user, $token) { $user->setAttribute($user->getRememberTokenName(), $token); $user->forceSave(); } } step 2: add it to a bootstrapped file. I added it to start.php before the return of the application object example: /** Auth ardent work around */ \Auth::extend('Ardent', function() { return new \Illuminate\Auth\Guard( new \Irony\Auth\ArdentEloquentUserProvider( new \Illuminate\Hashing\BcryptHasher, \Config::get('auth.model') ), \App::make('session.store') ); }); step 3: change driver in auth config file config/auth.php example: | Supported: "database", "eloquent" | */ 'driver' => 'Ardent', Now the only issue was the save to force save and I am sure there is a better way of doing this like maybe a service provider to stop from having to alter start.php? please god let me know because I am a little out of my depths lol

This is what i did to solve and it worked! Just go to the Auth/Guard.php and go to the method

	protected function createRememberTokenIfDoesntExist(UserInterface $user)
	{
		if (is_null($user->getRememberToken()))
		{
			$this->refreshRememberToken($user);
		}
               else
               {
                       $this->refreshRememberToken($user);
               }
	}
Notice the method after else it is same because it will tell if its not null refresh the token!
then token should be set after each login as well as on logout.

I had the same problem before, because I added the "remember_token" nullable column to my users table but I didn't set its default value to NULL. The column "remember_token" MUST be set to NULL (it's different from an empty string) in order to let Laravel setting it with the token value. This way is not necessary any core class extension, so please try this before editing/extending core Laravel classes.

I know, this should be written in Laravel's doc... $#!?!KK!!!

Auth::attempt($userdata, true) and add remember_token collumn to you user table

make sure remember_token is 255 varchar and set to NULL

This may seem to diverge from the question but I don't want to create a new question for it. Just need a simple answer.

Should the 'remember_token' field be guarded or fillable?