Token Mismatch Exception on Login (Laravel)
Solution 1
Laravel makes a quite esoteric use of sessions, and when the user cookie and the user salt in stored in the database disalign for some reason (for example, when you re-seed your user table), you get a Token Mismatch Exception without further explanation.
If that's the case, just delete your cookies.
Solution 2
I had this problem on login also. From time to time this exception occurred so I stop and tried to reproduce it. I succeed by doing this:
First I load the login page.
Then I deleted the cookies.
Then, without reloading the login page, I entered username and password and tried to login.
Because session was deleted (when I deleted the cookies), it was normal that this code was not going to pass and it will throw the TokenMismatchException.
Route::filter('csrf', function() {
if ( Session::getToken() != Input::get('_token')) {
throw new Illuminate\Session\TokenMismatchException;
}
});
So, what I've done to solve my problem was to add a redirect to login page with a message to inform the user that the session might expired.
Route::filter('csrf', function() {
if ( Session::getToken() != Input::get('_token')) {
return Redirect::to('/admin/login')->with('warning', 'Your session has expired. Please try logging in again.');
}
});
Thus, after page reloading, a new session is created and the problem is solved.
Solution 3
Check your route:list to see if Login is protected by web middleware. In my case, I made mistake by adding web middileware to login route where it should be guest middleware.
Solution 4
/config/session.php set that info 'expire_on_close' => true, save and load again ur site you wont get anymore the issue with Token Mismatch Exception on Login
Related videos on Youtube
Sainath Krishnan
Updated on September 15, 2022Comments
-
Sainath Krishnan over 1 year
I followed this tutorial on creating a registration and login page using Laravel.
Everything works smoothly, the only issue is that I am unable to Login. If I provide the wrong username/password, it correctly gives me an error message. But if I use the right credentials, I get the following error -
Illuminate \ Session \ TokenMismatchException
This is my (default) csrf function -
Route::filter('csrf', function() { if (Session::token() != Input::get('_token')) { throw new Illuminate\Session\TokenMismatchException; } });
This is the form action -
{{ Form::open(array('url'=>'signin', 'class'=>'form-signin')) }}
And this is the relevant portion of my UsersController
public function __construct() { $this->beforeFilter('csrf', array('on'=>'post')); $this->beforeFilter('auth', array('only'=>array('getDashboard'))); } public function postSignin() { if (Auth::attempt(array('email'=>Input::get('email'), 'password'=>Input::get('password')))) { return Redirect::to('dashboard')->with('message', 'You are now logged in!'); } else { return Redirect::to('login') ->with('message', 'Your username/password combination was incorrect') ->withInput(); } } public function getDashboard() { $this->layout->content = View::make('users.dashboard'); }
-
Yousef Altaf about 5 yearsDo you mean to add
Route::filter
in myweb.php
I amlaravel 5.4