1. 技术文章
  2. TokenMisMatchException in Laravel 5.4

TokenMisMatchException in Laravel 5.4

送分小仙女□ 提交于 2019-12-12 04:57:07

问题


I am new to Laravel and PHP. I am using POST method to get user requests and I am getting TokenMismatchException on in verifyCSRFToken.php line 68. Checked the logs in server.php found the following.

[2017-06-13 11:29:55] local.ERROR: Symfony\Component\Debug\Exception\FatalThrowableError: Undefined constant 'home' in C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Container\Container.php:762

Stack trace:

C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Container\Container.php(762): ReflectionClass->newInstanceArgs(Array)
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Container\Container.php(608): Illuminate\Container\Container->build('App\\Http\\Middle...')
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Container\Container.php(575): Illuminate\Container\Container->resolve('App\\Http\\Middle...')
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Foundation\Application.php(72Illuminate\Container\Container->make('App\\Http\\Middle...')
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(138): Illuminate\Foundation\Application->make('App\\Http\\Middle...')
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\View\Middleware\ShareErrorsFromSession.php(49): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(148): Illuminate\View\Middleware\ShareErrorsFromSession->handle(Object(Illuminate\Http\Request), Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Session\Middleware\StartSession.php(64): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(148): Illuminate\Session\Middleware\StartSession->handle(Object(Illuminate\Http\Request), Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse.php(37): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(148): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle(Object(Illuminate\Http\Request), Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Cookie\Middleware\EncryptCookies.php(59): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(148): Illuminate\Cookie\Middleware\EncryptCookies->handle(Object(Illuminate\Http\Request), Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(102): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Router.php(576): Illuminate\Pipeline\Pipeline->then(Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Router.php(535): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Router.php(513): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Foundation\Http\Kernel.php(174): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(30): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\TransformsRequest.php(30): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(148): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\TransformsRequest.php(30): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(148): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\ValidatePostSize.php(27): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(148): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle(Object(Illuminate\Http\Request), Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode.php(46): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(148): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Routing\Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Pipeline\Pipeline.php(102): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Foundation\Http\Kernel.php(14 Illuminate\Pipeline\Pipeline->then(Object(Closure))
C:\Users\Dikesh Kumar\blog\vendor\laravel\framework\src\Illuminate\Foundation\Http\Kernel.php(11 Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\public\index.php(53): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))
C:\Users\Dikesh Kumar\blog\server.php(21): require_once('C:\\Users\\Dikesh...')
{main}

Could someone help?


回答1:


Laravel makes it easy to protect your application from cross-site request forgery (CSRF) attacks. Cross-site request forgeries are a type of malicious exploit whereby unauthorized commands are performed on behalf of an authenticated user.

Laravel automatically generates a CSRF "token" for each active user session managed by the application. This token is used to verify that the authenticated user is the one actually making the requests to the application.

Anytime you define a HTML form in your application, you should include a hidden CSRF token field in the form so that the CSRF protection middleware can validate the request. You may use the csrf_field helper to generate the token field:

<form method="POST" action="/profile">
    {{ csrf_field() }}
    ...
</form>

Reference




回答2:


You need to define csrf token in your meta tag:

<meta name="csrf-token" content="{{ csrf_token() }}">

Or you can also pass as hidden input element:

<input type="hidden" name="_token" value="{{ csrf_token() }}">

If you are using ajax then you have to define csrf value as:

<script type="text/javascript">
      $.ajaxSetup({
        headers: {
            'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
        }
      });
  </script>

and then run the following commnad:

php artisan cache:clear



回答3:


I think what you are saying is that you know how to use the csrf token, however, after some time you get a token mismatch. This happens for example if your login page sits in your browser for a while where the form has generated the token already (as a hidden field). Now when you try to fill out the form, you are using the token that you generated (example: Yesterday) the last time you refreshed the page. On the back, once you submit the form, laravel will instantiate a new token and will compare against that token, which will be invalid.

You can change the session expiry inside /app/config/session.php from 120 minutes to anything longer than that.

Otherwise you can have an HTML meta refresh tag to refresh every 120 minutes so when the form is on idle, you can refresh the page and print the latest csrf token.




回答4:


I got the same problem, this error can come from multiple sources. I didnt find my answer so i dig in laravel upgrade. I use database driver so i looked at the sessions table migration. Some of the new fields are nullable. I fixed my table and it works.So if you have a problem with tokenmismatch, check if laravel can creates sessions(files or database).




回答5:


in app/Http/helpers.php you will find a space in the beginning of the file before <?php just remove it.



来源:https://stackoverflow.com/questions/44622602/tokenmismatchexception-in-laravel-5-4

标签
php
laravel
laravel-5
laravel-5.4
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!