Laravel: How to prevent TokenMismatchException when idle?

Question

I have been suffering this TokenMismatchException. So I was figuring what causes the error. I found out that If I try to idle the landing page for 15minutes then login. I got the TokenMismatchException. I have a {!! csrf_field() !!} in the loginform.

My config/session.php lifetime is set to 15 minutes. So I've waited 15minutes to catch the TokenMismatchException error.

So I have tried these several solutions

installed laravel-caffeine
<meta name="csrf-token" content="{{ csrf_token() }}" />
Edited the Handler.php

public function render($request, Exception $e) { if ($e instanceof TokenMismatchException) { return redirect('/login')->with('message', 'Security token expired. Please, login back.'); } if ($e instanceof \Illuminate\Session\TokenMismatchException) { return redirect('/login')->with('message', 'Security token expired. Please, login back.'); } return parent::render($request, $e); }

But nothing seems working.

You don't need laravel-caffeine for this. Mostly likely your exception catcher is correct, just either namespaces are wrong or it's in the wrong place — Kenyon, Nov 11 '16 at 19:01
@Kenyon , check my code, I tried using 2 exceptions. Still not working. — Vahn Marty, Nov 11 '16 at 20:06
I copied the answer from here http://stackoverflow.com/a/31846916/7146565 — Vahn Marty, Nov 11 '16 at 20:12

score 0 · Answer 1 · answered Nov 11 '16 at 20:06

0

You were on the right track. You could edit App\Exceptions\Handler like this

public function render($request, Exception $e)
{

    if($this->isTokenMismatchException($e)) {

        if(!(Auth::check()))  return $this->redirectGuestToLogin();

    } 

    return parent::render($request, $e);
}

protected function redirectGuestToLogin(){

    return redirect()->guest('auth/login');

}

protected function isTokenMismatchException(Exception $e){

      return $e instanceof TokenMismatchException;

}

answered Nov 11 '16 at 20:06

Wistar

3,770
4
45
70

Do you know if the handler is called and if it detect the TokenMismatchException? – Wistar Nov 12 '16 at 16:18
I really don't know. – Vahn Marty Nov 12 '16 at 16:23
Add `Log::info("Some text")` in each if block to see if they work. You can then look in your logs what code was executed – Wistar Nov 12 '16 at 16:26
Wait, I need to check if I am using the correct file. – Vahn Marty Nov 12 '16 at 16:27

score 0 · Answer 2 · answered Nov 13 '16 at 16:36

0

My code in Handler was right. But my mistake is that I was using the older version of the project in the browser. That is why I am still getting the error. Now it's totally working.

answered Nov 13 '16 at 16:36

Vahn Marty

1,428
3
14
28

I didn't understand the error about `using the older version of the project in the browser`. Could you please explain it in more detail? – Pathros Jun 30 '17 at 04:06
the actual project is supposed to be "http://localhost/myrcf-version-3" and I was running the "http://localhost/myrcf/" the whole time. – Vahn Marty Jul 07 '17 at 20:59

Laravel: How to prevent TokenMismatchException when idle?

2 Answers2