Support the ongoing development of Laravel.io →
Authentication Requests Session
Last updated 7 months ago.
0
Solution

My problem is solved now, sort of. Posting here in case anyone happens to have the same confusion.

So I went to the IRC last night, and a friendly guy named 'luck' informed me that Laravel automagically sets a session every time, but that the auth session is still empty if I use Auth::onceBasic().

I did a dd(Session::all()), and it's correct.

Auth::basic()

array(3) { ["_token"]=> string(40) "zwXXXXXXXXXXXX" ["flash"]=> array(2) { ["old"]=> array(0) { } ["new"]=> array(0) { } } ["login_82XXXXXXXXXXXXXXXXfc"]=> int(1) }

Auth::onceBasic()

array(2) { ["_token"]=> string(40) "eRXXXXXXXXXXXX" ["flash"]=> array(2) { ["old"]=> array(0) { } ["new"]=> array(0) { } } }

He also informed me that sessions can be disabled entirely by setting 'driver' => 'array' in app/config/session.php. But considering that I only want statelessness in a specific route group, this was not an option.

Whether or not it's a bug, I have no idea, but I think it should be okay this way. I still find it weird that my browser is remembering my authentication though, I don't know if that behavior is different if I use cURL. Alternatively, he recommended me to use OAuth instead of basic HTTP, as it has become a de facto auth method for APIs.

I'll mark this post as a solution. :-)

EDIT: Just found out that you actually can set a specific route group to have sessions disabled, by using this solution: http://stackoverflow.com/a/21717582

Last updated 7 months ago.
0

Sign in to participate in this thread!

Cloudways

Your banner here too?

drcd drcd Joined 15 May 2014

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2022 Laravel.io - All rights reserved.