'Session File always Recreate after ajax call to rest API that contain session_start()

I create rest API in php and login management with session, here the php Rest API snippet code:

        session_start();
        use App\Router;
        $router = new Router();
        $router->post('/login/', function() {
        $response = [];
        
        $email = $_POST['email'];
        $password = $_POST['password'];
        
        $emailuser = Users::where('email', $email)->where('password', hash("md5", $password))->take(1)->get()->toArray();
        
        if(count($emailuser) > 0) {
            $activestatus = $emailuser[0]['activestatus'];
            if($activestatus >= 1) {
                $_SESSION['login'] = true;
                $_SESSION['email'] = $email;
        
                $response = [
                    'status' => 'success',
                    'info' => [
                        'succ' => 'login success',
                        'login' => $_SESSION['login'],
                    ]
                ];
            } else {
                $response = [
                    'status' => 'fail',
                    'info' => [
                        'err' => 'you has not been registered',
                    ]
                ];
            }
        } else {
            $response = [
                'status' => 'fail',
                'info' => [
                    'err' => 'you has not been registered or validation error',
                ]
            ];
        }
        
        header('Content-Type: application/json; charset=utf-8');
        echo json_encode($response);
    });

and everytime I send ajax request to that Rest API, session always create new file in C:\xampp\tmp\ folder (note: but it is not happen if my request is not use ajax, or just use php/reload browser). and because many file created everytime aplication make ajax request session is not written in file session that is registered in browser cookie, so when I called session variable I always get empty variable session, here my javascript snippet code :

$('#form-login').submit(function(e) {
    e.preventDefault();
    var email = $('#form-login [name=email]').val();
    var password = $('#form-login [name=password]').val();

    $.ajax({
        url: "https://example.org/api/login/",
        method: "POST",
        xhrFields: {
            withCredentials: true
        },
        data: { email : email,  password : password},
        dataType: "json"
      }).done(function( data ) {
          console.log(data);
      }).fail(function( jqXHR, textStatus ) {
        console.log(jqXHR);
        console.log(textStatus);
      });
});

anybody know how to fix it ?

phpajaxrestsessionrequest


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions