Ok, I'm at a complete loss here. I've spent days digging through Laravel's source code, SO posts, Laracasts posts, everything. Still no luck.
We have many different ways of accessing our application through SSO. Thousands of users successfully sign in every day. But, we've been having intermittent login failures and we can't pin down the root cause. We use redis for sessions in production, but there are no redis errors. There are no 500s or exceptions from Laravel either.
Login will break for particular users without any explanation and then Auth::login() returns null. The user is then prompted with the "An unknown error occurred" message because we have no idea why if a user exists, logging them in would fail.
We have also been able to (briefly) recreate this issue locally. When tested locally we set a dd($user) AFTER the Auth::loginUsingId($user->id) condition which confirms that the user has in fact been found. We also tried switching to Auth::login($user) to see if this method works instead but no luck. After spamming the login repeatedly the issue (without cause) no longer occurs locally.
So far our best hypothesis is that we are experiencing an issue writing to the session (file for local and Redis for production). We have read in the past that using file for sessions with Laravel is not a guaranteed feat because filesystems are sketchy and it's more of a development feature. Our Redis server has very decent average latency but we see some pretty high numbers for latency (up to 50s). Therefore, we believe some sort of session connection/write exception is being suppressed or we are otherwise able to find its existence in the logs.
Any advice at all would be appreciated.
Laravel: v5.7, Redis: v4.6
Here is the login code (which absolutely works for 99.99% of users):
$info = json_decode($ssoClient->getUserInfo($bearerToken), true);
$email = $info['Email'];
$sourcedId = $info['SourcedId'];
$user = User::where('external_id', $sourcedId)->orWhere('email', $email)->first();
if (!$user) {
return redirect($redirectUrl . base64_encode(
$this->handleResponse(404, ['message' => 'Account is not yet synced. If this persists please contact an administrator.', 'user' => $info]')
));
}
if (Auth::guard('web')->loginUsingId($user->id))
return redirect($this->getRedirectUrl($user));
// returns (false, null, false, User Object)
dd(Auth::check(), Auth::loginUsingId($user->id), Auth::check(), $user);
return redirect($redirectUrl . base64_encode(
$this->handleResponse(500, ['message' => 'An unknown error occured. Please try again.', 'user' => $user])
));
from Newest questions tagged laravel-5 - Stack Overflow https://ift.tt/34FyVsD
via IFTTT
Aucun commentaire:
Enregistrer un commentaire