laravel Unauthenticated. 500

这几天我这边出现一个很诡异的现象，就是对于Unauthenticated.的错误是以500的状态返回，报错为偶发性，不好复现，且日志并未捕获到该异常。

laravel的日志是基于 Monolog 日志函数库，Monolog 支持和提供多种强大的日志处理功能。但是laravel错误日志并没有捕获到这个异常，我看了配置

'log' => 'daily','log_max_files' => 30,'log_level' => 'debug',

配置日志等级已经是debug了，正常来说是要记录的，在nginx日志中发现确实是500的状态码，使得我对这个日志的记录完整性产生怀疑。

我在Handler.php中找到render函数，加了一行代码做测试

Log::error($exception->getMessage() . "\\n" . $exception->getTraceAsString());

确实是有抛异常信息的，就是不知道为什么laravel的日志等级即使到大了debug也还是没有记录这个异常信息

Unauthenticated.
#0 /vendor/laravel/framework/src/Illuminate/Session/Middleware/AuthenticateSession.php(43): Illuminate\\Session\\Middleware\\AuthenticateSession->logout(Object(Illuminate\\Http\\Request))
#1 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): Illuminate\\Session\\Middleware\\AuthenticateSession->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#2 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#3 /vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#4 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): Illuminate\\View\\Middleware\\ShareErrorsFromSession->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#5 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#6 /vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#7 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): Illuminate\\Session\\Middleware\\StartSession->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#8 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#9 /vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#10 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#11 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#12 /vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(59): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#13 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): Illuminate\\Cookie\\Middleware\\EncryptCookies->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#14 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#15 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#16 /vendor/laravel/framework/src/Illuminate/Routing/Router.php(574): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#17 /vendor/laravel/framework/src/Illuminate/Routing/Router.php(533): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(Illuminate\\Http\\Request))
#18 /vendor/laravel/framework/src/Illuminate/Routing/Router.php(511): Illuminate\\Routing\\Router->dispatchToRoute(Object(Illuminate\\Http\\Request))
#19 /vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\\Routing\\Router->dispatch(Object(Illuminate\\Http\\Request))
#20 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(Illuminate\\Http\\Request))
#21 /vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(30): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#22 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#23 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#24 /vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(30): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#25 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#26 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#27 /vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#28 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#29 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#30 /vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(46): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#31 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#32 /vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#33 /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#34 /vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(151): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#35 /vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request))
#36 /public/index.php(53): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request))
#37 {main}

我在Handler.php中找到unauthenticated函数，也加了一行输入日志的代码，结果发现没有触发

Log::error('Unauthenticated.(401)');

 这也是为什么异常的状态码是500而不是401，但是为什么会这样呢？我根据错误提示查找源码，发现在AuthenticateSession.php(43)是这么写的

if (!$request->session()->has('password_hash') && $this->auth->viaRemember()) {$this->logout($request); //第43行
}/* Log the user out of the application. @param  \\Illuminate\\Http\\Request  $request* @return void @throws \\Illuminate\\Auth\\AuthenticationException*/
protected function logout($request)
{$this->auth->logout();$request->session()->flush();throw new AuthenticationException;
}

看到这里顿悟

1. !$request->session()->has('password_hash')

由于我这边已经不用密码的方式了，password_hash变得没有意义，即使在登录状态下，$request->session()->get('password_hash')也为null，这个判断会变得永远是true

2. $this->auth->viaRemember()

同Auth::viaRemember()，仅当用户返回页面并使用Remember_me_token cookie进行身份验证时，方法viaRemember()才返回true，因此偶发状态为500的Unauthenticated，因为大多数情况下是通过laravel_session方式验证身份，并不会通过Remember_me_token这种方式进行身份验证。

因此需要在Kernel.php中注释掉即可

protected $middlewareGroups = ['Web' => [// \\Illuminate\\Session\\Middleware\\AuthenticateSession::class]
]