Laravel 5.8 shows "419 Page Expired" after clicking logout from an already cleared session


Problem description:

I ran the php artisan make:auth command, and I will explain step by step what I did after that so the scenario is clear:

  • Logged in to a new session (example.com/home).
  • Opened a new tab and pasted the URL, i.e. example.com/home.
  • Now 2 tabs are open with the same session.
  • I clicked logout from one of the tabs and it works perfectly fine.
  • Then when I tried to log out from the other tab, it gave me an error saying "419 Page Expired", and it goes nowhere even after reloading.

The thing is, these kinds of scenarios may arise, and I don't want to see this error message; I just want to be logged out after clicking logout, even if the session is expired.

Note: This issue is not because of not adding @csrf


Well, that's an obvious message. You can maybe try to make a better layout for that page, but it is still good to show it so the user knows what happened. If you want to handle it differently, you can try to redirect to the login page.

So in your app\Exceptions\Handler.php file within the render method add this:

if ($exception instanceof \Illuminate\Session\TokenMismatchException) {
    return redirect()->route('login');
}
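
One way to apply this redirect only to the case in the question, where the second tab's session is already gone, while every other token mismatch still gets the 419 response. This is an added example, not code from the original answers; it assumes the route names `login` and `logout` that `Auth::routes()` registers, shows only the `render` method of the handler class, and the helper name `isStaleLogout` is hypothetical:

```php
<?php

namespace App\Exceptions;

use Exception;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Illuminate\Session\TokenMismatchException;
use Illuminate\Support\Facades\Auth;

class Handler extends ExceptionHandler
{
    /**
     * Render an exception into an HTTP response (Laravel 5.8 signature).
     */
    public function render($request, Exception $exception)
    {
        if ($exception instanceof TokenMismatchException
            && $this->isStaleLogout($request)) {
            // The session was already ended in another tab, so there is
            // nothing left to log out of: send the browser to the login page.
            return redirect()->route('login');
        }

        // Every other CSRF failure, including a logout request made while
        // the user is still authenticated, keeps the default 419 response.
        return parent::render($request, $exception);
    }

    /**
     * Hypothetical helper: true only for a POST to the route named "logout"
     * (assumed to come from Auth::routes()) sent by a visitor who is no
     * longer authenticated, e.g. a second tab whose session was cleared.
     */
    protected function isStaleLogout($request)
    {
        return $request->isMethod('post')
            && $request->routeIs('logout')
            && Auth::guest();
    }
}
```

Because the redirect is limited to guests, the logout route stays under CSRF verification for authenticated users.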

IMHO you can try to modify your app/Http/Middleware/VerifyCsrfToken.php file. Edit the $except property with something like this:

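use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;

class VerifyCsrfToken extends Middleware
{
    // URIs that are excluded from CSRF verification
    protected $except = [
        'http://example.com/logout',
    ];
}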

<a href="{{ route('logout') }}" class="dropdown-item notify-item" onclick="event.preventDefault(); document.getElementById('logout-form').submit();">
    <i class="fa fa-power-off"></i>  <span>{{ __('Logout') }} </span>
</a>
<form id="logout-form" action="{{ route('logout') }}" method="POST" style="display: none;">
    @csrf
</form>

You have missed the @csrf in your logout form, which is why you are getting Error 419.