0

I am using Laravel 5.3 and the laravelcollective/html form helpers.

When I submit a form, if the validation fails it takes you back to the same form using return redirect()->back()->with

Then if I resubmit the same form again I will get a TokenMismatchException, what happenned is that the csrf token did not refreshed after the form was reloaded.

Any ideas of how can I get the token refreshed?

Update 11/07

To open the form I use the following:

{!! Form::open(['url'=>'/user/create', 'method'=>'post', 'id'=>'create']) !!}

Which automatically adds the token field.

But Also I have tried adding the token manually, like this:

{!! Form::open(['url'=>'/user/create', 'method'=>'post', 'id'=>'create']) !!}
{!! Form::token() !!}

Here the token is actually created twice, both tokens are be the same.

Juan Girini
  • 1,150
  • 2
  • 16
  • 31
  • There could be multiple reasons for laravel not refreshing the token on redirect. Can you share the code snippet of your form. Also you can try laravel way of adding token i.e. {{ Form::token(); }} instead of adding it as a hidden form field yourself. Let me know if it helps. – Shuja Ahmed Nov 04 '16 at 18:09
  • Thank you Shuja, I have updated the question with your suggestion, still the problem persists – Juan Girini Nov 07 '16 at 08:53

1 Answers1

0

The problem was that I was sending the value _token back to the view. What I was doing was:

return redirect()
->back()
->with(
['errors' => $validator->errors()->all()] 
+ $request->input()
);

Where the $request->input('_token') was not being filtered. Instead I have changed it for the following which works, as it does filter _token:

return redirect()
->back()
->withErrors($validator->errors()->all())
->withInput($request->input());
Juan Girini
  • 1,150
  • 2
  • 16
  • 31