So the title basically says it all, I am using Laravel 5.4, PHP 7.1 and on my local machine sessions are working just fine. Essentially when trying to login or reloading the page every time I get a new CSRF token which breaks everything. I am using database as my session driver and it creates a new entry into the DB every single request I make. This happened on my local machine when I first upgraded but to fix it the solution was to update my cookie_domain env variable and I got it working. However on my new server I have tried every domain I could think of and it still does not work.
这是我所知道的,
Session cookie is not being saved under Chrome -> Application -> Cookies, this is indeed showing up on my local setup.
CSRF-TOKEN gets a new value every page reload but the XSRF-TOKEN cookie is present and maintains its value on every reload.
本地服务器和我的新服务器都运行完全相同的git分支,并且都运行Apache2.4、Laravel 5.4和PHP7.1,因此我认为这是某种配置问题.本地和服务器都在运行centos 7
每个请求都会在DB中创建一个新会话,这发生在GET、POST和AJAX请求中.
I assume this is a config issue from somewhere but I have no idea, any help would be greatly appreciated. If it helps, looking under my response Headers for my initial page load both sid and the laravel session are present under the 'Set-Cookie" command, but neither actually save to the local application cookie storage.
Edit / Update So originally I answered my own question by saying what I thought was the fix, however this fix is no longer working and I am getting this issue all over the place. So to update my issue is the same as before, trying to do anything creates a new session, reloading and navigating a few pages adds dozens of sessions due to ajax requests and other such activity.
My setup now is this, I have 3 servers all three are running off of a cloned image which means they are identical, however one of them is a subdomain, development.mysite.com and the other 2 are load balanced for the main site mysite.com. So the ONLY possible explanation I can come up with is that somehow laravel cannot understand my setup due to my subdomain. I have tried every possible combination of COOKIE_DOMAIN in the .env file (development.mysite.com, .mysite.com, mysite.com, .development.mysite.com etc) and I have added dozens of options to my host all to no avail. Any ideas as to what this could be?
**Edit / Update #2 ** In addition to this I have found that it might be related to my domain in use being a subdomain, in which the main domain is also running laravel, if so I will have to figure out how and why.