Laravel 7 Session store not set on request
Stefan Bogdanescu
Founder & Senior Architect · 2026-06-29
Solving the Laravel Session Store Issue with Redis in Custom Authentication Flows
As a senior developer, I often encounter these kinds of frustrating runtime errors when integrating custom authentication layers, especially when dealing with external APIs. The error RuntimeException: Session store not set on request is a classic symptom that points directly to an issue in how Laravel initializes or connects to its configured session driver (in this case, Redis).
You are attempting a complex setup involving Laravel 7, custom controllers, and Redis for both caching and sessions. While the steps you followed mirror older tutorials, the transition between framework versions and specific configuration details often introduces subtle breaking points.
This post will diagnose why your session store isn't setting correctly and provide the robust solution necessary to make your custom authentication flow work seamlessly with Laravel 7 and Redis.
Diagnosing the Session Store Failure
The error you are seeing, Session store not set on request, means that when Laravel attempts to execute code that relies on session data (like the standard authentication middleware or session-dependent logic), it cannot find a valid, active connection to the configured session driver.
In your setup, you have correctly defined Redis for caching and sessions in your .env file and database.php. However, the failure suggests a disconnect between the application's expectation of how sessions are managed and the actual configuration Laravel is reading at runtime.
Common pitfalls usually involve:
- Missing Service Provider Binding: Ensuring the session service provider correctly hooks into the Redis connection.
- Incorrect Driver Initialization: The way you define custom connections in
database.phpmight be interfering with the default session driver resolution. - Middleware Order/Execution: While less likely the root cause here, improper ordering can sometimes lead to initialization failures before the request fully processes.
The Correct Approach: Streamlining Redis Configuration
When using Redis as a session store in Laravel 7, the configuration must be clean and follow standard conventions. We need to ensure that the SESSION_DRIVER directive is correctly interpreted by the framework, relying on the environment variables rather than overly complex custom database configurations for this specific task.
Step 1: Simplify Session Configuration
Instead of defining a separate session.php file (which can sometimes conflict with Laravel's core structure), rely primarily on the environment variables and ensure your Redis configuration is correctly mapped to the default session driver.
Your .env file looks correct for setting the driver:
SESSION_DRIVER=redis
CACHE_DRIVER=redis
SESSION_LIFETIME=120
The crucial part is ensuring Laravel knows how to use Redis as the session store by using the standard configuration mechanism. If you are using a package that injects custom connections (like your database.php setup), you must ensure those connections are correctly named and utilized by the session component.
Step 2: Verifying Redis Connection Mapping
If you are manually defining Redis connections in config/database.php, make sure the connection used for sessions is properly established. When using a standard driver like Redis, Laravel typically relies on configuring the cache/session drivers directly through the environment variables and default service providers.
For a clean setup with Redis, focus on the configuration within config/cache.php and ensuring your application has access to the necessary connection details via the established config/cache.php.
Best Practice Check: Ensure that you are not accidentally overriding or conflicting with Laravel’s built-in session handling. If you are using a custom package for authentication, ensure it respects the default Laravel session binding unless explicitly designed otherwise. For deep dives into service container management and dependency injection within Laravel, exploring resources like those found on the official Laravel documentation is highly recommended.
Step 3: Re-evaluating Middleware Execution
The issue with applying web middleware to your login routes might stem from the request lifecycle starting before the session context is fully established or initialized by the custom authentication layer you are building.
If the error occurs immediately upon hitting a route, it strongly suggests the problem lies in the session initialization occurring within the core framework bootstrapping phase, rather than just the route middleware execution.
Actionable Step: Instead of relying solely on routing middleware for session setup, ensure that any code attempting to access session data is wrapped within checks that confirm the session object itself exists and is valid.
// Example check before accessing session data in a controller method
if (session()->has('user_id')) {
// Proceed with authenticated logic
} else {
// Handle session missing error gracefully
abort(401, 'Session data missing.');
}
Conclusion
The Session store not set on request error in a Redis-backed Laravel application is rarely an issue with the driver itself, but rather an issue with the binding or initialization of that driver within the framework's service container during the request lifecycle.
By simplifying your configuration to rely on standard environment variables for session drivers and ensuring that your custom authentication logic respects the core session bindings, you can resolve this conflict. Focus on letting Laravel manage the connection through its established configuration channels rather than manually redefining low-level database connections for basic session storage. Keep diving into the official documentation; it is the most reliable source for understanding how Laravel manages these complex interactions and ensures your application remains robust, just as with best practices promoted by Laravel.