
Laravel socialite login after successful auth not redirecting


I have a Laravel project that uses Google to log in. I am using the Socialite package from Laravel. I can save the user's info in my database after they confirm in the Google auth screen, but after that it always redirects to login. It seems the Auth::login($user) is not working. Did I miss something?

Here is my Login controller

public function redirectToProvider()
{
    return Socialite::driver('google')->redirect();
}


public function handleProviderCallback()
{
    try {
        $user = Socialite::driver('google')->user();
    } catch (\Exception $e) {
        return redirect('/login');
    }

    $existingUser = User::where('email', $user->email)->first();
    if($existingUser){
        //login the user
        \Auth::login($existingUser,true);
        return redirect('/home');
    } else {
        // create a new user
        $newUser                  = new User;
        $newUser->name            = $user->name;
        $newUser->email           = $user->email;
        $newUser->google_id       = $user->id;
        $newUser->avatar          = $user->avatar;
        $newUser->avatar_original = $user->avatar_original;
        $newUser->save();

        \Auth::login($newUser,true);
    }
    return redirect('/home');
}

Route

Route::get('/redirect', 'Auth\LoginController@redirectToProvider');
Route::get('/callback', 'Auth\LoginController@handleProviderCallback');

Authorized redirect URIs from Google console

http://localhost:8000/callback
http://localhost:8000/home

Reference in laravel login with google using socialite: link here

Also, when I check the network, the /home path is written as response 302.


Solution

  • I just resolved it by making the domain null in my session.php. I don't know if this is the correct answer, but I can now redirect to my homepage after logging in with Google. Maybe if I deploy this to production I will change the domain thing to the actual URL of my server.

    /*
    |--------------------------------------------------------------------------
    | Session Cookie Domain
    |--------------------------------------------------------------------------
    |
    | Here you may change the domain of the cookie used to identify a session
    | in your application. This will determine which domains the cookie is
    | available to in your application. A sensible default has been set.
    |
    */

    'domain' => null,

    /*
    |--------------------------------------------------------------------------
    | HTTPS Only Cookies
    |--------------------------------------------------------------------------
    |
    | By setting this option to true, session cookies will only be sent back
    | to the server if the browser has a HTTPS connection. This will keep
    | the cookie from being sent to you if it can not be done securely.
    |
    */

    'secure' => false,
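
Why the 'domain' value decides whether the login survives the redirect, as an added example that is not part of the original question or answer: a browser discards a Set-Cookie whose Domain attribute does not match the request host (RFC 6265), so the session written by Auth::login() is never sent back on the redirect to /home. The function names and the myapp.example domain are assumptions for illustration; the value originally set in session.php is not shown on the page.

```php
<?php
// Added example: the RFC 6265 domain-match rule a browser applies to the
// Domain attribute of Set-Cookie before it stores the session cookie.

/** RFC 6265 section 5.1.3: does $host domain-match $cookieDomain? */
function domainMatches(string $host, string $cookieDomain): bool
{
    $host   = strtolower($host);
    $domain = strtolower(ltrim($cookieDomain, '.')); // a leading dot is ignored
    if ($domain === '') {
        return false;
    }
    if ($host === $domain) {
        return true;
    }
    // Suffix matches are allowed for host names only, never for IP addresses.
    if (filter_var($host, FILTER_VALIDATE_IP) !== false) {
        return false;
    }
    $suffix = '.' . $domain;
    return substr($host, -strlen($suffix)) === $suffix;
}

/**
 * Predict what the browser does with the session cookie for a request URL.
 * $configuredDomain mirrors 'domain' in config/session.php (null = no Domain
 * attribute is sent, which makes the cookie host-only).
 */
function sessionCookieFate(string $url, ?string $configuredDomain): string
{
    $host = (string) parse_url($url, PHP_URL_HOST);
    if ($configuredDomain === null || $configuredDomain === '') {
        return "stored as host-only cookie for {$host}";
    }
    return domainMatches($host, $configuredDomain)
        ? "stored for {$configuredDomain} and its subdomains"
        : "rejected: {$host} does not match Domain={$configuredDomain}";
}

// Constructed cases; myapp.example is a placeholder domain.
$cases = [
    ['http://localhost:8000/callback', 'myapp.example'],      // rejected
    ['http://localhost:8000/callback', null],                 // host-only
    ['https://app.myapp.example/callback', '.myapp.example'], // stored
];
foreach ($cases as [$url, $domain]) {
    printf("%-36s domain=%-18s => %s\n", $url, var_export($domain, true), sessionCookieFate($url, $domain));
}
```

A null domain is also the narrowest scope: the cookie goes back only to the exact host that set it, not to sibling subdomains.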