PHP Versions Question posted in
You can find a list of all versions here.

Php versions – TokenMismatchException: in VerifyCsrfToken.php line 33 using Laravel

Despite searching through Stack OverFlow and trying everything suggested during similarly posted questions, I am still struggling to get passed this Exception.

I have taken over this website, and have been tasked with getting it running on AWS. At the moment, I am doing nothing adventurous, and have simply copied the lot to a Linux AWS VM, which is running Apache, PHP, beanstalk, Laravel, and MariaDB.

The site was set up to use the DB as the Session and Cache Driver. I have tried changing this to file and cookie but neither make a difference.

I have ensured that key:generate has been run and stored in the .env file. I have tried all different versions of the csrf_token output in the form, to no avail.

I’m sorry to post yet another issue around this same problem but was hoping there were some other ideas to assist me.

A snippet from my form….

<form method="post" accept-charset="utf-8" autocomplete="off">
    <meta name="csrf-token" content="{{ csrf_token() }}">
    <div class="form-group">
        .......
</form>

Following advice from @Script47, I amended my form as such, which also sadly, doesn’t work:

<form method="post" accept-charset="utf-8" autocomplete="off">
    {!! csrf_field() !!}
    <div class="form-group">
        .......
</form>

Further Snippets:

Route – web.php

Route::any('/signup', ['as' => 'jobseeker.signup', 'uses' => 'JobseekerJobseekerController@signup']);

Controller

        if ($this->request->isMethod('POST'))
        {
            $rules = [
                'email'    => 'email|required|unique:jobseekers,email',
                'password' => 'required|min:6|confirmed',
            ];

            $validation_messages = ['email.unique' => trans('messages.auth.email.unique.validation', ['login' => route('jobseeker.login'), 'forgot' => route('jobseeker.forgot')])];
            $validation = Validator::make($this->request->all(), $rules, $validation_messages);

            if ($validation->passes())
            {
                Unsubscriber::remove($this->request->get('email'));
                $jobseeker = Jobseeker::register($this->request->get('email'), $this->request->get('password'));
                $jobseeker->sendRegistrationNotification();
                $this->auth->login($jobseeker);
                return redirect()->route('account.details');
            }

The crazy thing is, this works in a live environment. But doesn’t work since I took a copy of the code and re-set it up on AWS.

Tags:

2

Answers


  1. 0

    You’re doing it wrong, as per the documentation:

    Anytime you define a HTML form in your application, you should include a hidden CSRF token field in the form so that the CSRF protection middleware can validate the request. You may use the csrf_field helper to generate the token field:

    So it should be:

    {{ csrf_field() }}

    in your form. The meta tag is generally for AJAX requests to reference the token.

    Login or Signup to reply.
  2. 0

    right below your form tag define it 🙂

     @csrf
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search