auth()->user() is null in Laravel 5.2

Question

I just update the composer to Laravel 5.2 and not able to view password protected pages. Basically below line of code is not working.

auth()->user()

Can somebody suggest why this is not working ?

Did you update your config/auth.php configuration file with the following: https://github.com/laravel/laravel/blob/develop/config/auth.php ? — Daniel Castro, Dec 29 '15 at 03:44
Yes, The only change is : `'model' => App\Models\User\User_Model::class,` instead of `model' => App\User::class,` — , Dec 29 '15 at 03:47
What does `attempt()` (or `login()` or whatever you're using) return when you try to authenticate the user? — Bogdan, Dec 29 '15 at 03:50
`Auth::user()` is not null in `handleUserWasAuthenticated` method in `Trait AuthenticatesUsers` — , Dec 29 '15 at 03:58
Possible duplicate of [Laravel 5.2 Auth not Working](http://stackoverflow.com/questions/34548061/laravel-5-2-auth-not-working) — Moppo, Mar 19 '16 at 11:35

score 19 · Accepted Answer · answered Dec 29 '15 at 04:01

19

Make sure any routes that require sessions (which Auth uses) are behind the 'web' middleware group.

Route::group(['middleware' => 'web'], function () {
    // your routes
});

This is a change that is new to 5.2. By default routes do not have this middleware stack applied. The web middleware group sets the session store, cookies, and csrf protection.

answered Dec 29 '15 at 04:01

lagbox

48,571
8
72
83

Great answer. I'd upgraded to 5.2 and my package controllers were suddenly not able to find the authenticated user. – Samuel Hawksby-Robinson Aug 22 '16 at 13:38

score 7 · Answer 2 · answered Mar 20 '16 at 14:25

In Laravel 5.2 upgrade, routes that use Auth must be in web middleware group.

I solved this problem in app/Http/Kernel.php moving web middleware groups to global middlewares.

protected $middleware = [
    \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
    \App\Http\Middleware\EncryptCookies::class,
    \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
    \Illuminate\Session\Middleware\StartSession::class,
    \Illuminate\View\Middleware\ShareErrorsFromSession::class,
    \App\Http\Middleware\VerifyCsrfToken::class
];

I got same issue in 5.3.6 and your suggestion solved my issue. Thank You. +1 — Pankaj, Sep 08 '16 at 22:59

score 5 · Answer 3 · answered Oct 20 '16 at 08:42

5

May it will help someone else. But don't forget to see what the guard you are using. For example, for admins you may not default guard, but create your own. Don't forget it. Calling \Auth::guard($guard)->user()

answered Oct 20 '16 at 08:42

Илья Савич

665
1
6
18

score 1 · Answer 4 · answered Jun 30 '17 at 08:43

For those who don't want to blindly add middleware to routes, you simply need to add the classes that manage cookies & sessions to the relevant middleware group (api in my case). For me those classes where:

\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Session\Middleware\StartSession::class,

This is how my App\Http\Kernel::$middleWare variable ended up looking:

protected $middlewareGroups = [
    'web' => [
        ...
    ],

    'api' => [
        'throttle:60,1',
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
        \Illuminate\Auth\Middleware\Authenticate::class
    ],
];

Using Laravel 5.3

auth()->user() is null in Laravel 5.2

4 Answers4

Linked