找到你要的答案

Q:Token Mismatch Exception on Login (Laravel)

Q:标记不匹配的异常登录(Laravel)

I followed this tutorial on creating a registration and login page using Laravel.

Everything works smoothly, the only issue is that I am unable to Login. If I provide the wrong username/password, it correctly gives me an error message. But if I use the right credentials, I get the following error -

Illuminate \ Session \ TokenMismatchException

This is my (default) csrf function -

Route::filter('csrf', function()
{
    if (Session::token() != Input::get('_token'))
    {
        throw new Illuminate\Session\TokenMismatchException;
    }
});

This is the form action -

{{ Form::open(array('url'=>'signin', 'class'=>'form-signin')) }}

And this is the relevant portion of my UsersController

public function __construct() {
$this->beforeFilter('csrf', array('on'=>'post'));
$this->beforeFilter('auth', array('only'=>array('getDashboard')));

}
public function postSignin() {
       if (Auth::attempt(array('email'=>Input::get('email'), 'password'=>Input::get('password')))) {
            return Redirect::to('dashboard')->with('message', 'You are now logged in!');
        } else {
            return Redirect::to('login')
            ->with('message', 'Your username/password combination was incorrect')
            ->withInput();
    }  
}

public function getDashboard() {
    $this->layout->content = View::make('users.dashboard');
}

我跟着这个教程创建一个注册和登录页面使用laravel。

一切顺利,唯一的问题是我无法登录。如果我提供错误的用户名/密码,它正确地给我一个错误信息。但如果我使用正确的凭据,我得到以下错误—

Illuminate \ Session \ TokenMismatchException

这是我的(默认)CSRF的功能—

Route::filter('csrf', function()
{
    if (Session::token() != Input::get('_token'))
    {
        throw new Illuminate\Session\TokenMismatchException;
    }
});

这是形式行动—

{{ Form::open(array('url'=>'signin', 'class'=>'form-signin')) }}

这是我的用户的相关部分

public function __construct() {
$this->beforeFilter('csrf', array('on'=>'post'));
$this->beforeFilter('auth', array('only'=>array('getDashboard')));

}
public function postSignin() {
       if (Auth::attempt(array('email'=>Input::get('email'), 'password'=>Input::get('password')))) {
            return Redirect::to('dashboard')->with('message', 'You are now logged in!');
        } else {
            return Redirect::to('login')
            ->with('message', 'Your username/password combination was incorrect')
            ->withInput();
    }  
}

public function getDashboard() {
    $this->layout->content = View::make('users.dashboard');
}
answer1: 回答1:

Laravel makes a quite esoteric use of sessions, and when the user cookie and the user salt in stored in the database disalign for some reason (for example, when you re-seed your user table), you get a Token Mismatch Exception without further explanation.

If that's the case, just delete your cookies.

Laravel做了一个很深奥的使用会话,当用户的cookie和用户盐在数据库中存储的disalign因为某些原因(例如,当你的种子用户表),你会得到一个令牌不匹配的异常没有进一步的解释。

如果是这样的话,删除你的饼干。

answer2: 回答2:

I had this problem on login also. From time to time this exception occurred so I stop and tried to reproduce it. I succeed by doing this:

First I load the login page.

Then I deleted the cookies.

Then, without reloading the login page, I entered username and password and tried to login.

Because session was deleted (when I deleted the cookies), it was normal that this code was not going to pass and it will throw the TokenMismatchException.

Route::filter('csrf', function() {
    if ( Session::getToken() != Input::get('_token')) {
        throw new Illuminate\Session\TokenMismatchException;
    }
});

So, what I've done to solve my problem was to add a redirect to login page with a message to inform the user that the session might expired.

Route::filter('csrf', function() {
    if ( Session::getToken() != Input::get('_token')) {
        return Redirect::to('/admin/login')->with('warning', 'Your session has expired. Please try logging in again.');
    }
});

Thus, after page reloading, a new session is created and the problem is solved.

我有这个问题登录也。不时发生这种异常,所以我停下来,试图复制它。我这样做是成功的:

首先我加载登录页面。

然后我删除了饼干。

然后,无刷新登录页面,我输入的用户名和密码尝试登录。

因为会话被删除(当我删除Cookies),该代码是不是要通过它将把tokenmismatchexception很正常。

Route::filter('csrf', function() {
    if ( Session::getToken() != Input::get('_token')) {
        throw new Illuminate\Session\TokenMismatchException;
    }
});

所以,我所做的,以解决我的问题是添加一个重定向到登录页面的消息通知用户,会议可能过期。

Route::filter('csrf', function() {
    if ( Session::getToken() != Input::get('_token')) {
        return Redirect::to('/admin/login')->with('warning', 'Your session has expired. Please try logging in again.');
    }
});

因此,在页面重载,新创建会话和问题解决。

answer3: 回答3:

/config/session.php set that info 'expire_on_close' => true, save and load again ur site you wont get anymore the issue with Token Mismatch Exception on Login

/config/session.php set that info 'expire_on_close' => true, save and load again ur site you wont get anymore the issue with Token Mismatch Exception on Login

laravel