Question

cookies not being recongnized / regenerated after some time only on cloud VPS

Posted on March 21, 2024
Initial Server Setup DigitalOcean Droplets
Asked by Ban Alexandru

Authentication in Laravel doesn’t work some time after the deploy in a specific environment

I have 2 web platforms built with Laravel that work perfectly fine both on the development environment as well as on local environemnt.

The problem lies in the fact that after I deploy these applications on a cloud infrastructure as a service provider, the applications work for approximatelly ~ 1 / 2 hours, sometimes even less, and then, on every login request it redirects me to back to the login page, even though the credentials on the login attempt are correct.

In between the login request and the redirect response I get blank view with the XSRF token stored in the session, but only for a few miliseconds.

For a clearer view of the problem I need to give you the full context so I will briefly document the infrastructure and the architecture on which the application runs

The applications use the following technologies:

Laravel (web platform built in the old fashioned monolith style) v10
MariaDB v10.7.5
Redis cache database v.6.2.7
Melisearch v0.27.2

For each one of these technologies there is a Docker container. The communication between them is facilitated by a traefik Docker network. (all containers are on the same droplet)

These are some of the environment configuration variables I use that I think might be relevant for the problem:

for one of the platforms are these:

CACHE_DRIVER: "redis"
QUEUE_CONNECTION: "redis"
SESSION_DRIVER: "redis"

for the other platfom are just the default ones:

💡 also for the second web platform I did’t configure the Redis and Melisearch services and I only run 2 Docker containers, for the app and database.

CACHE_DRIVER: "file"
QUEUE_CONNECTION: "sync"
SESSION_DRIVER: "file"

The following things can be done to temporarily get the app working:

ssh-ing into the VPS and manually restarting the container
clearing the 2 cookies from the browser’s storage (XSRF-cookie, applications session cookie

💡 Note that the develop environment, the one on which the web applications work with no problems is on a self-hosted and maintained server that also has a DNS, CDN and revers-proxy provider on top

Has someone else encountered this wierd behaviour? If so what’s causing it and how could it be solved?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev

Site Moderator

• July 8, 2024

Hey!

This is quite interesting. Since this is an intermittent issue and the fact that it works initially, I suspect it might be related to server resource utilization like RAM and CPU utilization.

To verify if this is indeed the case, monitor your server’s memory usage. If the server is running out of memory, it might kill processes, including those handling sessions:

https://docs.digitalocean.com/products/monitoring/concepts/metrics/

Also, I could suggest a couple of things here:

Add logging to track session creation to see if this occurs during a specific operation.
Keep an eye on the Redis service, and the file storage to see if/when session data disappears.
Check server logs for any relevant errors.

On another note, can you also verify the session lifetime configuration is in your config/session.php file? The default session lifetime might be too short causing that issue.

- Bobby