Laravel 5.2: Auth::check() keeps returning false

0
votes

I'm starting out a new Laravel 5.2 project, and I've run into a strange authentication problem: Auth::check() returns false constantly.

If you think this is a duplicate, read on. I've tried multiple suggestions to fixing this issue with no luck.

The setting:

  • The application environment is Laravel Homestead's php-7 branch (Vagrant box).
  • User models use UUIDs instead if IDs (table has auto-incrementing id switched to a 36-character uuid primary key column).
  • User model primaryKey has been changed from id to uuid and incrementing has been set to false.
  • Used artisan make:auth to generate authentication baseline to work with.
  • Authentication routes have been set for getLogin, postLogin, getEmail, postEmail, getReset and postReset and they are working fine.
  • web middleware is used for all routes in the application at the moment.
  • Auth config and session config inside config dir are at defaults (except a namespace change for auth model).
  • Passing in invalid credentials triggers validation errors properly.
  • After logging in the redirectPath on AuthController does work, but the guest middleware hijacks the request and redirects user back to login route.

I can create users fine and change their forgotten passwords using the created route definitions. I can "log in" on the login route, but Auth::check() always returns false in the guest middleware (Middleware\Authenticate class).

I've tried the following session drivers without success:

  • File
  • Redis
  • Cookie
  • Database

I even tried to revert the users table primary key to named id, but that didn't change anything.

Something I noticed: as my user IDs are actually char(36) UUIDs, the database session driver did not save the user_id properly: it saved the integer characters from the user UUID and then cut off the rest of the value (e.g. users.uuid 3f2358907afafaf becomes session.user_id 3), or 0 if the user ID starts with a non-numeric character (a-f).

I've found a huge amount of questions and threads and search results for this same issue. I tried the things most said would work, but I didn't get it working still:

  • I have set the $user->primaryKey protected property to uuid (which affects $model->getKey() and $model->getAuthIdentifier() too).
  • I have tried multiple different session drivers with no success.
  • I have tried reverting to the users.id column name instead of users.uuid, no change.
  • I have cleared all caches I can think of.
  • I have checked that there is no whitespace output before views output (need to dig a bit deeper though in case I missed some files).

The only thing which I have not properly tried yet is to just switch back the auto-incrementing IDs for users (instead of UUIDs). I've tied the UUID concept pretty tight already but I'll see what I can do to solve this issue.

Please do ask for details if I'm missing something in this question.

2
phpsessionauthenticationlaravel-5uuid

2 Answers

1
votes

I think laravel has a bug. It often keeps returning false on each Auth::check() after the execution of Auth::attempt()

Try editing the $middleware[]; in Kernel.php to:

protected $middleware = [
    \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
    \Illuminate\Session\Middleware\StartSession::class,
    \Illuminate\View\Middleware\ShareErrorsFromSession::class,
];

I hope it will work.

1
votes

Laravel's Eloquent Model assume that each table has a primary key column named id.

So if you have changed the primary key of your Users table to something else, your Auth session wont be set.

You should define a $primaryKey property to override this convention just like defining $table in the Model class like: 

protected $primaryKey = "your_field_ID";

May be late, but should help others who come here looking for answers.