Skip to main content

Laravel Session with database driver keeps updating after logging out

I switched to database driver for Session and migrated the table. I've noticed that even after the logout action, the value last_activity in the table keeps getting updated after every refresh, even if the user isn't logged-in anymore.

I've tried removing it from the records of the database, but once the user refreshs at the login page, it gets inserted again.

I believe I'm doing something wrong to logout the user well. I want Laravel to stop refreshing the record of the session, as it might cause issues if every logged-out user kept accessing the database with their refreshes.

I'm logging in like this:

if (Auth::attempt($request->only('email', 'password'), ($request->remember_me === "on" ? true : false))) {
            // return settings too

            if(Auth::user()->active === false){
              return response()->json(array('status' => 'failure', 'message' => "Your account isn't active!"),500);
            }

            return response()->json(
                array(
                    'status' => 'success',
                    'message' => "Login is successful!"
                ),
                200
            );
        }

I'm logging out like this:

public function logoutUser(Request $request){
      Auth::user()->tokens()->delete();
      Session::flush();
    }

It's a SPA project via Sanctum.

config/session.php

'driver' => env('SESSION_DRIVER', 'database'),
'lifetime' => env('SESSION_LIFETIME', 120),
'expire_on_close' => false,
'encrypt' => false,
'files' => storage_path('framework/sessions'),
'connection' => env('SESSION_CONNECTION', null),
'table' => 'sessions',
'store' => env('SESSION_STORE', null),
'lottery' => [2, 100],
'cookie' => env(
    'SESSION_COOKIE',
    Str::slug(env('APP_NAME', 'laravel'), '_').'_session'
),
'path' => '/',
'domain' => env('SESSION_DOMAIN', null),
'secure' => env('SESSION_SECURE_COOKIE'),
'http_only' => true,
'same_site' => 'lax',

The user access /login page, then they get redirected to /dashboard. Basically, /dashboard needs auth, otherwise, you don't need to be logged in.

I've tried using /dashboard by the path field and cleared the config, it didn't work.

** I've noticed that the session gets registered regardless if the user is logged or not, as long as the user visits the website, it gets registered. My understanding was that it happens after the user is logged, as it would be a hassle to insert a record whenever a guest visits.

My question shifts into the following: How can I prevent this behavior from happening? I want to limit the session saving on a specific path only, which is /dashboard, and I want to ignore the session tracking for unlogged users. The moment they logout, the session gets destroyed.



source https://stackoverflow.com/questions/69350967/laravel-session-with-database-driver-keeps-updating-after-logging-out
Labels:

Comments

Post a Comment

Popular posts from this blog

Confusion between commands.Bot and discord.Client | Which one should I use?

Whenever you look at YouTube tutorials or code from this website there is a real variation. Some developers use client = discord.Client(intents=intents) while the others use bot = commands.Bot(command_prefix="something", intents=intents) . Now I know slightly about the difference but I get errors from different places from my code when I use either of them and its confusing. Especially since there has a few changes over the years in discord.py it is hard to find the real difference. I tried sticking to discord.Client then I found that there are more features in commands.Bot . Then I found errors when using commands.Bot . An example of this is: When I try to use commands.Bot client = commands.Bot(command_prefix=">",intents=intents) async def load(): for filename in os.listdir("./Cogs"): if filename.endswith(".py"): client.load_extension(f"Cogs.{filename[:-3]}") The above doesnt giveany response from my Cogs ...
Post a Comment
Read more

How to show number of registered users in Laravel based on usertype?

i'm trying to display data from the database in the admin dashboard i used this: <?php use Illuminate\Support\Facades\DB; $users = DB::table('users')->count(); echo $users; ?> and i have successfully get the correct data from the database but what if i want to display a specific data for example in this user table there is "usertype" that specify if the user is normal user or admin i want to user the same code above but to display a specific usertype i tried this: <?php use Illuminate\Support\Facades\DB; $users = DB::table('users')->count()->WHERE usertype =admin; echo $users; ?> but it didn't work, what am i doing wrong? source https://stackoverflow.com/questions/68199726/how-to-show-number-of-registered-users-in-laravel-based-on-usertype
Post a Comment
Read more

Why is my reports service not connecting?

I am trying to pull some data from a Postgres database using Node.js and node-postures but I can't figure out why my service isn't connecting. my routes/index.js file: const express = require('express'); const router = express.Router(); const ordersCountController = require('../controllers/ordersCountController'); const ordersController = require('../controllers/ordersController'); const weeklyReportsController = require('../controllers/weeklyReportsController'); router.get('/orders_count', ordersCountController); router.get('/orders', ordersController); router.get('/weekly_reports', weeklyReportsController); module.exports = router; My controllers/weeklyReportsController.js file: const weeklyReportsService = require('../services/weeklyReportsService'); const weeklyReportsController = async (req, res) => { try { const data = await weeklyReportsService; res.json({data}) console...
Post a Comment
Read more