All geek questions in one place

Laravel 5.3 - TokenMismatchException in line VerifyCsrfToken.php 68:

When I enter my application and immediately return, when I enter it and then try to log out, I get an error message from the header, how can I fix it?

+5
source share
13 answers

I ran into the same problem with laravel 5.4 .. and then the following command works for me :)

chmod 777 storage / framework / sessions /

before that it was chmod 775 storage / framework / sessions / ... so I ran into a problem ...

Happy coding

+8
source

From Laravel 5.3 docs

Now the Auth :: routes method registers the POST route for / logging out instead of the GET route. This prevents other web applications from registering users outside your application. To update, you must either convert your exit requests to use the POST verb, or register your own GET route for the URI / logout:

Option one: Route::get('/logout', 'Auth\ LoginController@logout ');

For more information about the upgrade, see here https://laravel.com/docs/5.3/upgrade

Option 2

 //Insert this on your head section <!-- CSRF Token --> <meta name="csrf-token" content="{{ csrf_token() }}"> <!-- Scripts --> <script> window.Laravel = <?php echo json_encode([ 'csrfToken' => csrf_token(), ]); ?> </script>

If you want to log out

  <ul class="dropdown-menu" role="menu"> <li> <a href="{{ url('/logout') }}" onclick="event.preventDefault(); document.getElementById('logout-form').submit();"> Logout </a> <form id="logout-form" action="{{ url('/logout') }}" method="POST" style="display: none;"> {{ csrf_field() }} </form> </li> </ul>

Greetings

+2
source

I solved this problem by editing the config-> session.php file

 'domain' => env('SESSION_DOMAIN', null),

and removing SESSION_DOMAIN from the file (.env)

and finally, composer dumpautoload

+1
source

Actually, I have the same problem in Laravel 5.4, when I upload a file using a form, I submitted a marker and the file uploaded correctly. The problem occurs when I upload a file that exceeds the maximum file upload. So just add an exception to VerifyCsrfToken.php for the route and the message will disappear, but the file will not load.

 use Closure; use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier; class VerifyCsrfToken extends BaseVerifier { /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ protected $except = [ 'anexoSesion', ]; public function handle($request, Closure $next) { return parent::handle($request, $next); } }
+1
source

I had the same problem. I am running Laravel / PHP on a Windows machine using IIS . If you do, make sure that the IUSR user has the rights to change the project directories. After user permission, the error disappeared.

0
source

This issue usually occurs due to permissions. Since Manish pointed out that you can chmod 777 in your sessions folder, I would not recommend this. First, check to see if you have the same problem with the application using the artisan application (as opposed to serving your application through Nginx or Apache). If you do not, this is a permission issue, and you can change the ownership of the folder accordingly. Most likely, the www-data user needs permissions to write to the folder, however you will want to check your environment to make sure that the user will be different in some cases.

0
source

To solve this problem, add these two lines to the route file (e.g. web.php)

 Route::get('/', ' HomeController@index ');// so when you logged out it go back Route::get('/home', ' HomeController@index ');

This solved the problem for me. Hope that helps.

0
source

Light \ Foundation \ Http \ Middleware \ VerifyCsrfToken.php

use closure; // import

 protected $except = [ // ]; public function handle($request, Closure $next) { $response = $next($request); if (last(explode('\\',get_class($response))) != 'RedirectResponse') { $response->header('P3P', 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"'); } return $response; }

or

for all urls

 protected $except = [ '*' ];

or

If not used

Light \ Foundation \ Http \ Kernel.php

// \ App \ Http \ Middleware \ VerifyCsrfToken :: class

this line add comment

0
source

I added SESSION_DOMAIN=localhost to my .ENV file when my APP_URL is APP_URL=http://localhost . This works for me. I am using laravel 5.3

0
source

Out of the box, Laravel comes with web and api middleware groups that contain common middleware that you might want to apply to your web UIs and APIs.

If you check your app/Providers/RouteServiceProvider.php , you will find that the routes/web.php group web is used by default for all your routes in routes/web.php .

 protected function mapWebRoutes() { Route::group([ 'middleware' => 'web', 'namespace' => $this->namespace, ], function ($router) { require base_path('routes/web.php'); }); }

Now, if you go, check your app/Http/Kernel.php and take a look at the $middlewareGroups property, you will find the new EncryptCookies . You can read about it, but if you remove this middleware from the web middleware group, your application may not provide the TokenMismatchException that you are currently receiving.

0
source

I also encounter this problem when using laravel5.4 for the rest API. Just add the route name to the application file /Http/Middleware/VerifyCsrfToken.php.

 protected $except = [ 'test/login', ];

After adding the line, I run the API, it runs successfully.

-1
source

I encountered such a problem in version 5.3.29. The following method worked for me.

Just change the following line in your .ENV file.

 APP_KEY=base64:aBCdeFghI+jKLMnOPqRSTuvw1xYzAbCDeFgHiJKL57+4= (example key)

remove the base64 part : and do it like this

 APP_KEY=aBCdeFghI+jKLMnOPqRSTuvw1xYzAbCDeFgHiJKL57+4=
-3
source

go to middleware - > verifycsrftoken.php -> add the urls in the specified array.

-4
source

Source: https://habr.com/ru/post/1258077/

More articles:


All Articles