从支付网关重定向后 Laravel 会话和身份验证清除
[英]Laravel Session and Auth clears after redirection from Payment Gateway
问题描述
I am using Laravel 7 and using PayTabs payment gateway for payments.
我正在使用 Laravel 7 并使用 PayTabs 支付网关进行支付。 When the user is redirected back from the Paytabs, all the sessions and Auth are cleared.当用户从 Paytabs 重定向回来时,所有会话和身份验证都将被清除。
Before redirecting to the Paytabs, im saving the session when the data is put in the session.在重定向到 Paytabs 之前,我会在将数据放入会话时保存会话。 as作为
Session::put('data', $data);
Session::save();
And the redirection to Paytabs is as follows:重定向到 Paytabs 如下:
if ($response->response_code == "4012") { //Page created
return redirect()->to($response->payment_url);
} else {
abort(404);
}
I have also excluded the return url from CSRF Token check as follow:我还从 CSRF 令牌检查中排除了返回 url,如下所示:
VerifyCsrfToke.php验证CsrfToke.php
protected $except = [
'/paytab_return'
];
Also I have checked that the Paytabs redirects to the correct URL with https and www.我还检查了 Paytabs 是否使用 https 和 www 重定向到正确的 URL。
Favor needed to tackle this issue.需要帮助来解决这个问题。 Thanks谢谢
2 个解决方案
解决方案1
1 2020-10-27 17:47:24
This worked for Laravel 6.19.1:这适用于 Laravel 6.19.1:
- I added a GET variable to my success, error or cancelUrls of the payment gate我在付款门的成功、错误或取消网址中添加了一个 GET 变量
- This variable was called exactly the same as the name of the session cookie此变量的调用与会话 cookie 的名称完全相同
$sessionKey = config('session.cookie') . '=' . session()->getId();
$successUrl = route('wirecardSuccess') . '?' . $sessionKey;
The URL I'd got is eg我得到的网址是例如
http://beatbox.vnr:8082/vnr/payment/wirecard/success?self_service_local_vnr_session=qNSQ7SessionIdtEA3Z72ReuvgsFt
as the url, where self_service_local_vnr_session is my session cookie name and qNSQ7SessionIdtEA3Z72ReuvgsFt the ID of the current session.作为 url,其中 self_service_local_vnr_session 是我的会话 cookie 名称,qNSQ7SessionIdtEA3Z72ReuvgsFt 是当前会话的 ID。
- Then I needed to extend the StartSession Middleware with this code然后我需要使用此代码扩展 StartSession Middleware
<?php
declare(strict_types=1);
namespace App\Http\Middleware;
use Illuminate\Contracts\Session\Session;
use Illuminate\Http\Request;
/**
* Class StartSession
* @package App\Http\Middleware
*/
class StartSession extends \Illuminate\Session\Middleware\StartSession
{
/**
* Get the session implementation from the manager.
*
* @param Request $request
* @return Session
*/
public function getSession(Request $request): Session
{
return tap($this->manager->driver(), static function ($session) use ($request) {
$sessionCookieName = config('session.cookie');
if ($request->has($sessionCookieName)) {
$sessionId = $request->input($sessionCookieName);
} else {
$sessionId = $request->cookies->get($session->getName());
}
$session->setId($sessionId);
});
}
}
- The payment was made and the redirection url (with the session id) allowed me to retrieve the old session information.付款已完成,重定向 url(带有会话 ID)允许我检索旧的会话信息。
I hope it'll help someone, who lands on this page :)我希望它会帮助登陆此页面的人:)
解决方案2
0 2021-06-01 15:09:16
edit this fields in config/session.php在 config/session.php 中编辑此字段
'path' => '/;samesite=none',
'secure' => true,
'same_site' => 'none',
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.