PHPackages                             ycs77/laravel-recover-session - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Utility &amp; Helpers](/categories/utility)
4. /
5. ycs77/laravel-recover-session

ActiveLibrary[Utility &amp; Helpers](/categories/utility)

ycs77/laravel-recover-session
=============================

Recover Laravel session when sending a form post request back from a third-party API.

v2.0.0(4w ago)27.4k—3.3%2MITPHPPHP &gt;=8.2CI passing

Since Jun 11Pushed 4w ago1 watchersCompare

[ Source](https://github.com/ycs77/laravel-recover-session)[ Packagist](https://packagist.org/packages/ycs77/laravel-recover-session)[ Docs](https://github.com/ycs77/laravel-recover-session)[ Patreon](https://www.patreon.com/ycs77)[ RSS](/packages/ycs77-laravel-recover-session/feed)WikiDiscussions 2.x Synced 2d ago

READMEChangelog (10)Dependencies (25)Versions (13)Used By (2)

Laravel Recover Session
=======================

[](#laravel-recover-session)

[![Latest Version on Packagist](https://camo.githubusercontent.com/8caa0fc3cfc282a7ac781ebfdd68d4ecd83109ea0bdeffdb256f20ceae1e216b/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f79637337372f6c61726176656c2d7265636f7665722d73657373696f6e3f7374796c653d666c61742d737175617265)](https://packagist.org/packages/ycs77/laravel-recover-session)[![Software License](https://camo.githubusercontent.com/c090e080484e2a2bc766446291d04437db823929042bf614b26a1643660ddf6f/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e3f7374796c653d666c61742d737175617265)](LICENSE)[![GitHub Tests Action Status](https://camo.githubusercontent.com/f7a7cb4fd3aae1382959e7d507b5d9bd5a84d45247237b6964ce266e64effa40/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f79637337372f6c61726176656c2d7265636f7665722d73657373696f6e2f74657374732e796d6c3f6272616e63683d322e78266c6162656c3d7465737473267374796c653d666c61742d737175617265)](https://github.com/ycs77/laravel-recover-session/actions/workflows/tests.yml?query=branch%3A2.x)[![Total Downloads](https://camo.githubusercontent.com/9654565121f8c354a6a7a15891966095d0667254640f89ba9b4a5f4d83a1d559/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f79637337372f6c61726176656c2d7265636f7665722d73657373696f6e3f7374796c653d666c61742d737175617265)](https://packagist.org/packages/ycs77/laravel-recover-session)

Recover Laravel session when sending a form post request back from a third-party API like NewebPay.

Currently, Laravel's default Cookie SameSite value is set to `Lax`. This setting prevents cookies from being sent when using form post requests to transmit data to websites on other domains. Consequently, after completing a payment and being redirected back to the original website, users may appear to be automatically logged out due to the inability to retrieve the original login cookie. This package addresses and resolves this issue.

Supported Versions
------------------

[](#supported-versions)

VersionPHP VersionLaravel Version1.x&gt;=8.1&gt;=9.x2.x&gt;=8.2&gt;=11.xInstallation
------------

[](#installation)

Via Composer:

```
composer require ycs77/laravel-recover-session
```

Publish config:

```
php artisan vendor:publish --tag=recover-session-config
```

Usage
-----

[](#usage)

Now you need to call `RecoverSession::preserve()` to save the current session ID into the cache and include the key in your callback URL. This allows the current session to be resumed after the API returns with the key:

```
use Ycs77\LaravelRecoverSession\Facades\RecoverSession;

public function pay(Request $request)
{
    $key = RecoverSession::preserve($request);

    ThirdPartyApi::callbackUrl('/pay/callback?sid='.$key);

    // send post form request to the third-party API...
}
```

This package will automatically retrieve the encrypted session ID from the callback URL and restore the original session state upon returning to the site.

> Reference details for the SameSite:

Manually Register Middleware
----------------------------

[](#manually-register-middleware)

If you are not using the global recover session, you can set the config `recover-session.global` to `false`, and adjust the order of the middleware so that `RecoverSession` is placed below `StartSession`. by default, Laravel's `Kernel` does not include the `$middlewarePriority` property, so you need to add it manually.

If you are using Laravel 11+, you can add the `RecoverSession` middleware to the `$middlewarePriority` property in the `app/Http/Kernel.php` file:

```
->withMiddleware(function (Middleware $middleware) {
    $middleware->priority([
        \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,
        \Illuminate\Cookie\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Ycs77\LaravelRecoverSession\Middleware\RecoverSession::class, // need to place `RecoverSession` below `StartSession`
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \Illuminate\Foundation\Http\Middleware\ValidateCsrfToken::class,
        \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
        \Illuminate\Routing\Middleware\ThrottleRequests::class,
        \Illuminate\Routing\Middleware\ThrottleRequestsWithRedis::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
        \Illuminate\Contracts\Auth\Middleware\AuthenticatesRequests::class,
        \Illuminate\Auth\Middleware\Authorize::class,
    ]);
})
```

If you are using Laravel 11.31+, it provides a concise method to append middleware to the priority list:

```
->withMiddleware(function (Middleware $middleware) {
    $middleware->appendToPriorityList(
        \Ycs77\LaravelRecoverSession\Middleware\RecoverSession::class,
        \Illuminate\Routing\Middleware\ValidateSignature::class
    );
})
```

Final, you can add the `RecoverSession` middleware to the callback route for the API:

```
use Ycs77\LaravelRecoverSession\Middleware\RecoverSession;

Route::post('/pay/callback', [PaymentController::class, 'callback'])
    ->middleware(RecoverSession::class);
```

Sponsor
-------

[](#sponsor)

If you think this package has helped you, please consider [Becoming a sponsor](https://www.patreon.com/ycs77) to support my work~ and your avatar will be visible on my major projects.

 [ ![](https://camo.githubusercontent.com/be34c63895cd13789477fcf54bf48d2f6d9e0872b33e3a2a88aa17be43037e9f/68747470733a2f2f63646e2e6a7364656c6976722e6e65742f67682f79637337372f7374617469632f73706f6e736f72732e737667) ](https://www.patreon.com/ycs77)

[ ![Become a Patron](https://camo.githubusercontent.com/ef7b855018f1f680eeba6fd1ac470b9c1971ef883b2f4b9fcf41034274510e3f/68747470733a2f2f63352e70617472656f6e2e636f6d2f65787465726e616c2f6c6f676f2f6265636f6d655f615f706174726f6e5f627574746f6e2e706e67)](https://www.patreon.com/ycs77)Credits
-------

[](#credits)

- [SameSite Cookie 之踩坑過程](https://kira5033.github.io/2020/09/samesite-cookie-%E4%B9%8B%E8%B8%A9%E5%9D%91%E9%81%8E%E7%A8%8B/)
- [imi/laravel-transsid](https://github.com/iMi-digital/laravel-transsid)

License
-------

[](#license)

[MIT LICENSE](LICENSE)

###  Health Score

52

—

FairBetter than 96% of packages

Maintenance94

Actively maintained with recent releases

Popularity27

Limited adoption so far

Community11

Small or concentrated contributor base

Maturity64

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~99 days

Recently: every ~0 days

Total

12

Last Release

28d ago

Major Versions

v1.2.3 → v2.0.02026-06-05

PHP version history (2 changes)v1.0.0PHP &gt;=8.1

v2.0.0PHP &gt;=8.2

### Community

Maintainers

![](https://www.gravatar.com/avatar/a5a1e0caa0c50990d8ffc70d4a095706a4e2b71bd6a0f08860744f773c6f99a9?d=identicon)[ycs77](/maintainers/ycs77)

---

Top Contributors

[![ycs77](https://avatars.githubusercontent.com/u/38133356?v=4)](https://github.com/ycs77 "ycs77 (37 commits)")

###  Code Quality

TestsPest

Static AnalysisPHPStan, Rector

Code StyleLaravel Pint

Type Coverage Yes

### Embed Badge

![Health badge](/badges/ycs77-laravel-recover-session/health.svg)

```
[![Health](https://phpackages.com/badges/ycs77-laravel-recover-session/health.svg)](https://phpackages.com/packages/ycs77-laravel-recover-session)
```

###  Alternatives

[psalm/plugin-laravel

Psalm plugin for Laravel

3355.3M345](/packages/psalm-plugin-laravel)[roots/acorn

Framework for Roots WordPress projects built with Laravel components.

9762.4M131](/packages/roots-acorn)[illuminate/routing

The Illuminate Routing package.

1419.2M3.0k](/packages/illuminate-routing)[laravel/pulse

Laravel Pulse is a real-time application performance monitoring tool and dashboard for your Laravel application.

1.7k15.1M131](/packages/laravel-pulse)[spatie/laravel-export

Create a static site bundle from a Laravel app

674146.0k6](/packages/spatie-laravel-export)[api-platform/laravel

API Platform support for Laravel

58171.5k14](/packages/api-platform-laravel)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
