问题
Well this is the problem I am facing from yesterday. It is always giving me TokenMismatchException and when I digged in and compared a few things, I found that on my local server, the _token field never changes. But on my production, it does. And that's the reason it kept giving me TokenMismatchException. Does anyone know how to fix this error.
I have
- seen this question
- Went through documentation.
- Wrote several codeception tests.
<input id="token" type="hidden" value="{{ csrf_token() }}">this already in my code.
回答1:
Check if you have domain in the config/session.php setup to the right path. Even I had got the same problem. And resolved it just by changing that path.
回答2:
May be usefull.
Html:
<meta name="_token" content="{{ csrf_token() }}">
Js:
var network = {
post: function(path, params, cb, type){
$.ajax({
url: path,
type: 'post',
data: params,
headers: { "X-CSRF-TOKEN" : $('meta[name="_token"]').attr('content') },
dataType: type,
success: function (response, status) {
if (status == "success") {
if (response.reason == "token_timeout") {
var new_token = response.new_token;
$('meta[name="_token"]').attr('content', new_token);
network.post(path, params, cb, type);
}else{
cb(response);
}
}
}
});
}
};
network.post('path to handler...', { key: value... }, function(response){
if(response.status == 'success'){
// to do
}
}, "json");
/app/Exceptions/Handler.php:
public function render($request, Exception $exception) {
if ($exception instanceof \Illuminate\Session\TokenMismatchException) {
return response()->json(['reason' => 'token_timeout', 'new_token' => csrf_token()], 200);
}
return parent::render($request, $exception);
}
来源:https://stackoverflow.com/questions/30499344/laravel-csrf-token-always-changes