I just created a new project of laravel version 5.5 with the laravel installer.And run the command "php artisan make:auth".The views and controller are generated for the user authentication.And also run "php artisan migrate" to create tables needed in the database.When visiting the login page and register page,filling the form and submit.It shows "The page has expired due to inactivity. Please refresh and try again.".But refreshing the page does nothing help. Seen in the source code,where causes the exception:
if ($e instanceof ModelNotFoundException) {
$e = new NotFoundHttpException($e->getMessage(), $e);
} elseif ($e instanceof AuthorizationException) {
$e = new AccessDeniedHttpException($e->getMessage());
} elseif ($e instanceof TokenMismatchException) {
$e = new HttpException(419, $e->getMessage());
}
It seems "TokenMismatchException" causing this problem. When did this happen?And why?I just create this new project and did not do any other changes. Hope you got the points. I use php 7.1.9(laravel 5.5 requires php > 7.0.0).And serve the project in develop environment with:php artisan serve
I had the same problem on localhost:8000 (php artisan serve). Maybe it's coincidence, but try on "clean browser" , other than you used with previous development.
For me it worked.
It seems that the problem is with cookies from development with previous Laravel versions, on the same url.
i think you missed csrf token.
dont forget to use {!! csrf_field() !!}
In my case, I've got the same error message and then figured that I missed to add csrf_token
{{ csrf_field() }}
Or without form helper that will be,
<input type="hidden" name="_token" value="{{ csrf_token() }}">
If that doesn't work, then-
Refresh the browser cache and hopefully it will work, thanks.
I had the same issue and it was because I was using virtualhost and I setup below variable to mydomain.com. in config/session.php file
'domain' => env('SESSION_DOMAIN', 'mydomain.com'),
When I changed it to null then it started working
'domain' => env('SESSION_DOMAIN', 'null'),
I don't know what is the reason behind it but it is working fine now.
I had this same issue.
vagrant reload --provision worked for me
Add csrf token
<input type="hidden" name="_token" value="{{ csrf_token() }}">
It appears to be permission settings on either storage and/or bootstrap/cache.
I'm using a Cloudways server. I reset permissions on my server under Application Settings and it now works. On my local development server the equivalent was to set chmod 777 on storage.. I had used 755 previously and the error persisted.
Make sure your User.php model exist in app folder and fields must be define in this model.
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable
{
use Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
}
if you created a new project localhost You need view config/session line : 166 if 'secure' => true , you need edit 'secure' => false, When you up the host or server, re-config => true sorry i know a little english , hope can help you
I would also keep csrf_token in a meta tag.
<meta name="csrf-token" content="{{ csrf_token() }}">
I was only testing post requests for my api and came across the same issue.
I resolved it by adding my route to the Middleware VerifyCsrfToken's $except array i.e. go to app/Http/Middleware/VerifyCsrfToken and add
protected $except = [
'your/route'
];
But if your requests are from some front-end platform or views, it's advisable to add {{ csrf_field() }} in the form that sends the request.
Hi for the group paths that you want to apply to everyone, use this method, which is my 5.5 larval version. Use the star => go to app/Http/Middleware/VerifyCsrfToken and add
protected $except = [
'/user/*'
];
This is also my user's path
Route::group(['prefix' => 'user', 'namespace' => 'User', 'as' => 'user.'] , function (){
This issue is mainly caused because you don't have the csrf token in your form. During csrf token verification it fails, that's why you are getting this page. Laravel generally needs csrf token in all its forms. You can add a csrf token simply by adding this inside the form.
{{ csrf_field() }}
Another method of doing this is you can exclude your route in the verifycsrftoken middleware.
Just add a protected field in the middleware with your route name.
protected $except=[
'1st route',
'2nd route',
.
.
];
This should work.
Had this issue as well! Solved it by:
- Clearing browser session storage and cookies.
- Running
php artisan cache:clear - Ensuring the
storage/framework/sessionsfolder was empty, except for the.gitignore. - Restarting dev environment.
try this out look for the forms in the views of the login and register pages and add the following line in the forms
<input name="_token" type="hidden" value="TtQX3LwLMvrhLcOr75dDP2WzvHve0TE7eyilRebW">
来源:https://stackoverflow.com/questions/45994235/laravel-5-5-login-and-register-page-saysthe-page-has-expired-due-to-inactivity