[英]Laravel Session and Auth clears after redirection from Payment Gateway
I am using Laravel 7 and using PayTabs payment gateway for payments.我正在使用 Laravel 7 并使用 PayTabs 支付网关进行支付。 When the user is redirected back from the Paytabs, all the sessions and Auth are cleared.
当用户从 Paytabs 重定向回来时,所有会话和身份验证都将被清除。
Before redirecting to the Paytabs, im saving the session when the data is put in the session.在重定向到 Paytabs 之前,我会在将数据放入会话时保存会话。 as
作为
Session::put('data', $data);
Session::save();
And the redirection to Paytabs is as follows:重定向到 Paytabs 如下:
if ($response->response_code == "4012") { //Page created
return redirect()->to($response->payment_url);
} else {
abort(404);
}
I have also excluded the return url from CSRF Token check as follow:我还从 CSRF 令牌检查中排除了返回 url,如下所示:
VerifyCsrfToke.php验证CsrfToke.php
protected $except = [
'/paytab_return'
];
Also I have checked that the Paytabs redirects to the correct URL with https and www.我还检查了 Paytabs 是否使用 https 和 www 重定向到正确的 URL。
Favor needed to tackle this issue.需要帮助来解决这个问题。 Thanks
谢谢
This worked for Laravel 6.19.1:这适用于 Laravel 6.19.1:
$sessionKey = config('session.cookie') . '=' . session()->getId();
$successUrl = route('wirecardSuccess') . '?' . $sessionKey;
The URL I'd got is eg我得到的网址是例如
http://beatbox.vnr:8082/vnr/payment/wirecard/success?self_service_local_vnr_session=qNSQ7SessionIdtEA3Z72ReuvgsFt
as the url, where self_service_local_vnr_session is my session cookie name and qNSQ7SessionIdtEA3Z72ReuvgsFt the ID of the current session.作为 url,其中 self_service_local_vnr_session 是我的会话 cookie 名称,qNSQ7SessionIdtEA3Z72ReuvgsFt 是当前会话的 ID。
<?php
declare(strict_types=1);
namespace App\Http\Middleware;
use Illuminate\Contracts\Session\Session;
use Illuminate\Http\Request;
/**
* Class StartSession
* @package App\Http\Middleware
*/
class StartSession extends \Illuminate\Session\Middleware\StartSession
{
/**
* Get the session implementation from the manager.
*
* @param Request $request
* @return Session
*/
public function getSession(Request $request): Session
{
return tap($this->manager->driver(), static function ($session) use ($request) {
$sessionCookieName = config('session.cookie');
if ($request->has($sessionCookieName)) {
$sessionId = $request->input($sessionCookieName);
} else {
$sessionId = $request->cookies->get($session->getName());
}
$session->setId($sessionId);
});
}
}
I hope it'll help someone, who lands on this page :)我希望它会帮助登陆此页面的人:)
edit this fields in config/session.php在 config/session.php 中编辑此字段
'path' => '/;samesite=none',
'secure' => true,
'same_site' => 'none',
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.