cPanel Question posted in
The official documentation can be seen here.

419 Page Expired Laravel 5.8 – After Login – CPanel

I Created one Project in Laravel 5.8. In my Local Environment(PHP 7.2) its working good. when i hosted this project in to my server(PHP 7.1) using cpanel after login its return 419 Page Expired Error.

Mylogin Form Code :

<form method="POST" action="{{ route('login') }}" id="login-form">
    @csrf
    <div class="form-group">
      <label for="username">{{ __('Username / Email Address') }}</label>
      <input type="text" class="form-control{{ $errors->has('username') ? ' is-invalid' : '' }} boxed" name="username" id="username" value="{{ old('username') }}" required autofocus>
    </div>
    @if ($errors->has('email'))
       <span class="invalid-feedback" role="alert">
          <strong>{{ $errors->first('email') }}</strong>
       </span>
    @endif

    <div class="form-group">
        <label for="password">{{ __('Password') }}</label>
        <input type="password" class="form-control{{ $errors->has('password') ? ' is-invalid' : '' }} boxed" name="password" id="password" required>
    </div>
    @if ($errors->has('password'))
        <span class="invalid-feedback" role="alert">
           <strong>{{ $errors->first('password') }}</strong>
        </span>
    @endif

    <div class="form-group" style="margin-bottom: 0px; float:left;">
        @if (Route::has('password.request'))
            <a href="{{ route('password.request') }}" class="forgetpwd">
               {{ __('Forgot Your Password?') }}
            </a>
        @endif
    </div>

    <div class="form-group" style="text-align: center;">

        <button type="submit" class="btn btn-warning" style="padding:0.5rem 1.8rem;">Login</button>
    </div>
</form>

I cleared Cache and Cookies but, Same issue Displayed.

Tags:

16

Answers


  1. 0

    Yes, the problem is caused by the csrf_token. @csrf return only the token but which is going to be sent so use csrf_field() which will generate a hidden input field. Or you can remove this route from middleware like below, which is not recommended as it’s your authenticate route. Also, try

    Clear cache : php artisan cache:clear
    Generate new app key : php artisan key:generate

    class VerifyCsrfToken extends Middleware
{
    /**
     * Indicates whether the XSRF-TOKEN cookie should be set on the response.
     *
     * @var bool
     */
    protected $addHttpCookie = true;

    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        '/login'
    ];
}
    Login or Signup to reply.
  2. 0

    Use this in the head section instead of @csrf :

    <meta name="csrf-token" content="{{ csrf_token() }}">
    Login or Signup to reply.
  3. 0

    This error occurs due to CSRF token verification failure, misconfigured cache, permissions, improper session settings. This error shows up when a user submits a post request. You can fix it by doing belows:

    1. CSRF token verification failure The most common reason for the 419 error is CSRF token failure. Cross-site request forgery is a unique, encrypted value generated by the server. This is included in the HTTP request of the client. Later the server verifies it. If this fails, it leads to session expired error. So, you check the CSRF setting in the Laravel config.

    2. Session expired error due to cache Sometimes, the cache can also lead to session expired error in front-end. This can be both the server cache and browser cache. So, clear the server cache using php artisan cache:clear.

    3. Laravel file and folder permissions Similarly, improper file or folder permission can also lead to errors. Usually, web servers need write-permissions on the Laravel folders storage and vendor. Also, session storage needs write-permission. So, give permissions as,

      chmod -R 755 storage

      chmod -R 755 vendor

      chmod -R 644 bootstrap/caches

    Laravel session setting Last but not least, session settings can also cause a 419 error. The app/config/session.php is the session config file. Check for a few important parameters – domain and secure.

    'domain' => env('SESSION_DOMAIN', null),
'secure' => env('SESSION_SECURE_COOKIE', false), // in case of cookie

    These step by step approach fixes the error and make Laravel working again.

    Login or Signup to reply.
  4. 0

    in my case

    when you logged in and want to sign up again this error fired.

    so i open in new incognito tab and solved my problem

    UPDATE: Asif in comment said:

    OR you can clear Browser cookies because laravel uses session there.

    Login or Signup to reply.
  5. 0

    In all probably, you are missing @csrf.

    Just add @csrf following right after your form opening tag line.
    It should look like this:

    <form class="singn-form" method="POST" action="{{ route('register') }}">
@csrf
....
</form>
    Login or Signup to reply.
  6. 0

    As others said this should be a csrf_token issue. However, in my case, I couldn’t find a proper solution yet so, I temporarily removed all routes from middleware for testing the rest of the functions.

    PS:- Do not do this in production.

    class VerifyCsrfToken extends Middleware
{
    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        
        '*',
        
    ];
}
    Login or Signup to reply.
  7. 0

    Another thing to look out for is if you’re accessing the site over http (Non secure), but you have ‘HTTPS Only Cookies’ enabled in config/session.php you will receive this error.

    /*
|--------------------------------------------------------------------------
| HTTPS Only Cookies
|--------------------------------------------------------------------------
|
| By setting this option to true, session cookies will only be sent back
| to the server if the browser has a HTTPS connection. This will keep
| the cookie from being sent to you if it can not be done securely.
|
*/

'secure' => true,
    Login or Signup to reply.
  8. 0

    Add SESSION_DOMAIN= in your .env file without any value assigned.

    Login or Signup to reply.
  9. 0

    I had the same problem and none of my friends’ solutions worked for me.
    Then I realized that because my site was https and I was logged in with http, I was receiving this error, so after realizing this, I sent http to https.

    Login or Signup to reply.
  10. 0

    I always got 419 after doing php artisan key:generate.

    Because my session belonged to the previous APP_KEY.
    I cleared the browser cache and it all worked for me

    Login or Signup to reply.
  11. 0

    run these commands if none of the above solutions work

    php artisan key:generate
php artisan config:cache
php artisan cache:clear
php artisan view:clear
php artisan route:clear

    Reference this answer here

    Login or Signup to reply.
  12. 0

    If it’s shared host.., just add in top index.php

    ob_start();

    Login or Signup to reply.
  13. 0

    In storage/framework the folder ‘sessions’ was missing for me. It was causing my issue with this error. Creating the folder solved it.

    Login or Signup to reply.
  14. 0

    Please check your form must have @csrf token inside.

    Login or Signup to reply.
  15. 0

    If you are using this directive in that page, you must remove it.

    I’ve had this problem before (Laravel 5x) and it was solved after I removed it.

    $request->session()->flush();

    This directive makes csrf = empty.

    Login or Signup to reply.
  16. 0

    Use @csrf in the middle of the <form /form> tag.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search