Sessions not persisting in Lumen PHP framework

Question

I'm using the Lumen (by Laravel) micro-framework for a project, and I'm having some trouble with sessions. I'm just testing the implementation now, but the problem I'm experiencing is that when I set a session variable and then refresh the page, the variable is no longer set.

In my .env file I have:

SESSION_DRIVER=cookie

And I know that this is being picked up, because when I change it to memcached it throws an error (because I don't have memcached set up).

I've enabled the middleware too:

$app->middleware([
    'Illuminate\Session\Middleware\StartSession',
    'Illuminate\View\Middleware\ShareErrorsFromSession',
]);

Then in my controller I have:

<?php
namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;

class SessionController extends Controller
{
    public function index(Request $request)
    {
        $request->session()->put('email', '[email protected]');
        $request->session()->save(); // Not sure if this is required

        var_dump($request->session()->get('email'));
        exit;

        return view('session.index', ['test' => $value]);
    }
}

The value is set when I load the page:

string(13) "[email protected]"

But then when I comment out the lines that set the variable, and I then refresh the page, the value is NULL:

// $request->session()->put('email', '[email protected]');
// $request->session()->save();

var_dump($request->session()->get('email'));
exit;

A single cookie is being set in the browser, but it doesn't appear to be for the session variable:

laravel_session 2ecef0103418ca82d068ec6a6c6fbec388af9b9e    localhost   /   2015-06-22T14:59:29.856Z    55  ✓

EDIT: The cookie is actually set if I set the SESSION_DRIVER as cookie – regardless of whether or not I actually set a session variable.

I'm not sure where I'm going wrong here, and I don't find the documentation very comprehensive.

Thanks

Answer 1

Since you are trying to use the cookie session storage you'll need the cookie middleware too. The enabled middleware should be:

$app->middleware([
    'Illuminate\Cookie\Middleware\EncryptCookies',
    'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
    'Illuminate\Session\Middleware\StartSession',
    'Illuminate\View\Middleware\ShareErrorsFromSession',
]);

In your first example you use the session immediately after creating it so you are able to recover the value. However, since the session cookie itself is not set by the code, when you return to the page, no session is recovered. The "laravel_session" cookie is always set whether you use cookie storage or not. I'm using the file storage in a project and still it gets set.

Also, AFAIK, the line:

$request->session()->save();

is unnecessary.

---

The documentation states:

To enable sessions, you must uncomment all of the middleware within the $app->middleware() method call in your bootstrap/app.php file.