How to solve the common problem of Laravel login time invalidation

How to solve the common problem of Laravel login time failure

When using Laravel to develop web applications, login authentication is a very important function . However, sometimes if a user does not operate for a long time after logging in, the page may automatically log out or the authentication may fail. This problem is relatively common. The following will introduce how to solve this problem by setting the session time and provide specific code examples.

1. Set the session expiration time

In Laravel, the session expiration time is 2 hours by default. You can set the session expiration time by modifying the lifetime option in the config/session.php file. For example, set the session expiration time to 1 day:

'lifetime' => 1440

2. Use the remember me function

In addition to setting the session expiration time, you can also use the "remember me" function provided by Laravel. Extend the validity period of the login status. When the user checks the "Remember Me" option, a long-term valid token will be generated, allowing the user to remain logged in even if they do not operate for a long time. During login authentication, you can set remember me through the Auth::attempt() method:

if (Auth::attempt(['email' => $email, 'password' => $password], $remember)) {
    // 登录成功
}

3. Refresh the session regularly

Another solution is timing Refresh the session, that is, update the last activity time of the session every time the user operates or visits the page, thus extending the expiration time of the session. This function can be achieved through middleware. First create a middleware named RefreshUserActivity:

php artisan make:middleware RefreshUserActivity

Then update the last activity time of the session in the middleware:

public function handle($request, Closure $next)
{
    if (Auth::check()) {
        Auth::user()->updateLastActivityTime();
    }

    return $next($request);
}

Finally, in AppHttpKernel. Register this middleware in the php file:

'web' => [
    // other middleware...
    AppHttpMiddlewareRefreshUserActivity::class,
],

Through the above three methods, we can effectively solve the common problem of Laravel login time failure. Setting a reasonable session expiration time, using the "remember me" function, or refreshing the session regularly can allow users to remain logged in even if they are not operating for a long time, improving user experience and system security.

The above is the detailed content of How to solve the common problem of Laravel login time invalidation. For more information, please follow other related articles on the PHP Chinese website!