[FIXED] Persisting sessions across subdomains in Laravel 5

Issue

Using 5.0

in config/session.php I have set 'domain' => '.example.com' but it is not working. I cannot persist a session on even one domain like this.

My site has many subdomains:

vancouver.example.com
newyork.example.com

etc... they are hosted on the same server and are the same Laravel app (share the same storage directory)

I login with the correct credentials, upon which the app redirects to another page on the site, and I have no session at that point. var_dump(Auth::user()) shows null even though I logged in with the correct credentials.

storage/framework/sessions shows 14 different files there, they are all for me and I cleared them out before I started testing this.

I'll attach my AuthController@postLogin method below, which works fine if session.php 'domain' => null

public function postLogin(Request $request)
{
    $this->validate($request, [
        'email' => 'required|email', 'password' => 'required',
    ]);

    $credentials = $request->only('email', 'password');

    if ($this->auth->attempt($credentials, $request->has('remember')))     {
        Session::flash('message', 'You are now logged in.');
        Session::flash('status', 'success');

        if (str_contains($_SERVER['HTTP_REFERER'], '?goto=')) {
            $params = explode('?', $_SERVER['HTTP_REFERER'])[1];
            $target = explode('=', $params)[1];
        } else {
            $target = '/';
        }

        return redirect($target);
    }

    return redirect($this->loginPath())
                ->withInput($request->only('email', 'remember'))
                ->withErrors([
                    'email' => $this->getFailedLoginMessage(),
                ]);
}

Solution

Figured it out. Update domain => '.example.com' in session.php and clear the cookies for the site in question.

Answered By - Anthony Vipond