0

I was logged in to my laravel 5 application. Deleted all my cookies, and suddenly get the TokenMismatchException error when i try to re-login.

It only happens in the browser (google chrome) where i deleted the cookies.

Does anyone know how i could fix this? And why i have the error in only 1 browser?

yinshiro
  • 159
  • 1
  • 13

1 Answers1

1

When you're using a CSRF token in Laravel, here's what happens:

  1. client makes a request for the form (or whatever page)

  2. form includes a special CSRF token which is also saved on the server and associated with that client's session

  3. form is submitted, and CSRF token is passed back to the server

  4. server checks the CSRF token against what it has saved for that token - if they don't match, you get an error.

If you loaded the form and then cleared the cookies, you've deleted the session key that associates that form (what's displayed on your client's screen) with the session on the server. The server has no way of knowing that that form submission should be associated with that session and that CSRF token.

There's a simple solution: after clearing your cookies, refresh the page in your browser.

Kryten
  • 15,230
  • 6
  • 45
  • 68
  • Thank you for the explanation, atleast i understand that better now^^ though refreshing didn't solve it. – yinshiro Jun 18 '15 at 16:34
  • 1
    @Kryten is right. Refresh page or relogin to your application to recreate cookies. Cookies just like the cookie you love eating is like a special cookie given to your browser by your server for them to be friends and trust each. Your browser got angry when you took that cookie from her and decided to forget the server. :D – Emeka Mbah Jun 18 '15 at 16:58
  • Omg found out what was wrong (feels stupid), i had one of my chrome plugins block all cookies . . . @Digitlimit love you're explanation ! xD +1 – yinshiro Jun 18 '15 at 17:03
  • Thanks guys for wasting your time on me :p :) – yinshiro Jun 18 '15 at 17:05