Laravel 8 Fortify User UUID Login Problem

Question

I am currently setting up a new project using Laravel 8. Out of the box, Laravel is configured to use auto-incrementing ID's for the user's ID. In the past I have overrode this by doing the following.

Updating the ID column in the user table creation migration to

$table->uuid('id');
$table->primary('id');

Adding the following trait

trait UsesUUID
{
    protected static function bootUsesUUID()
    {
        static::creating(function ($model) {
            $model->{$model->getKeyName()} = (string) Str::orderedUuid();
        });
    }
}

Adding the following to the user model file

use UsesUUID;    
public $incrementing = false;
protected $primaryKey = 'id';
protected $keyType = 'uuid';

On this new project, I did the same as above. This seems to break the login functionality. When the email and password are entered and submitted, the form clears as though the page has been refreshed. Thing to note is there are no typical validation error messages returned as would be expected if the email and/or password is wrong.

To check that the right account is actually being found and the password is being checked properly, I added the following code to the FortifyServiceProvider boot method. The log file confirms that the user is found and the user object dump is correct too.

Fortify::authenticateUsing(function(Request $request) {
        \Log::debug('running login flow...');
        $user = User::where('email', $request->email)->first();

        if ($user && Hash::check($request->password, $user->password)) {
            \Log::debug('user found');
            \Log::debug($user);
            return $user;
        }

        \Log::debug('user not found');
        return false;
    });

Undoing the above changes to the user model fixes the login problem. However, it introduces a new problem that is the login will be successful but it wont be the right account that is logged in. For example, there are 3 accounts, I enter the credentials for the second or third account, but no matter what, the system will always login using the first account.

Anyone have any suggestions or ideas as to what I may be doing wrong, or if anyone has come across the same/similar issue and how you went about resolving it?

Thanks.

Answer 1

After digging around some more, I have found the solution.

Laravel 8 now stores sessions inside the sessions table in the database. The sessions table has got a user_id column that is a foreign key to the id column in the users table.

Looking at the migration file for the sessions table, I found that I had forgot to change the following the problem.

From

$table->foreignId('user_id')->nullable()->index();

To

$table->foreignUuid('user_id')->nullable()->index();

This is because Laravel 8 by default uses auto incrementing ID for user ID. Since I had modified the ID column to the users table to UUID, I had forgotten to update the reference in the sessions table too.