laravel version is 5.8 running on a shared hosting website running Apache Version 2.4.53
and php version 8.0.25 on a linux operating system.
I’m facing this issue with some of my clients, where when they sign out, and login again, they get :
"419 sorry your session has expired"
I personally never got this error, and it’s frustrating because I cannot debug the problem from my side and I have to do trial and error and tell them to test it.
How they get around it :
They tell me they clear the cache from the browser settings every time to make the problem go away temporarily, but then it comes back.
My question is : If I prevented caching to start with, by adding those lines of html code in every header, will the problem go away?
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="0" />
2
Answers
Your approach with the no-cache headers, won’t solve the problem.
There are two reasons, why you can get a 419 error:
There exists a laravel package, which solves the problem: https://github.com/GeneaLabs/laravel-caffeine
This may be related to laravel .env config..
verify if the SESSION_DOMAIN match your server domain
SESSION_DOMAIN=showldBeYourServerDomain
ps. domain string without http or https, and slash at the end
ex: instead of https://google.com, just google.com