I think the Session is generally considered to be unavailable inside Service Provider/Plugin register and boot methods. This is because it fires very early in the life cycle.
Maybe consider using App::before(function() { /* ... */ }); to wrap the logic, the session should be available inside this event.
This is what I did but it doesn’t seems to work. Any ideas ? I have some code that I can’t move inside the controller directly because it’s not my plugins.
The code itself is fine. The advice in that ticket still applies today, using App::before will indeed defer until after the session has been activated.
The session requires cooperation from the browser and the server. If it works for some users and not others, we can reasonably determine it is some browsers not playing ball.
Check to make sure that the session cookie is accepted by the browser. Without this cookie, the getUser method will return null, even if they have signed in successfully.
When a user visits a website, their browser stores session information and cookies related to that particular domain. The “www” prefix is considered a subdomain, and cookies set on the main domain (without the “www” prefix) may not be accessible or recognized by the subdomain.
In your case, it’s possible that the session data or authentication cookies required for retrieving the logged-in user are not accessible when accessing the application with the “www” prefix. As a result, the \BackendAuth::getUser() method returns null.
To resolve this issue, you should ensure that your session configuration and cookie settings are consistent across the main domain and its subdomains. Specifically, check the SESSION_DOMAIN setting in your Laravel configuration (config/session.php) and make sure it is set to the appropriate value. For example, you may need to set it to .mywebsite.com (note the leading dot) to allow cookies and session data to be shared across subdomains.
Additionally, double-check your web server configuration to ensure that requests to both the “www” and non-www versions of your domain are correctly handled and routed to the same application instance.
By aligning the session configuration and ensuring consistent cookie accessibility, you should be able to retrieve the logged-in user regardless of whether the “www” prefix is present in the URL.
Hopefully this help! @daft let me know if you have any comments
UPDATE #322 lol
Some users still experience the issue, even after cleaning the cookies on their browser, it’s weird…