VerifyCsrfToken 中的 TokenMismatchException - Laravel 5.1
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/32118400/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
TokenMismatchException in VerifyCsrfToken - Laravel 5.1
提问by Chandz
I am building a REST API using Laravel 5.1and I am getting this error:
我正在使用Laravel 5.1构建 REST API ,但出现此错误:
TokenMismatchException in VerifyCsrfToken.php line 53:
Here is my routes.php:
这是我的routes.php:
Route::controller('city' , 'CityController' );
CityController:
城市控制器:
class CityController extends Controller
{
public function postLocalities()
{
$city = Input::get('cityName');
$response = $city;
return $response;
}
}
Here is the Stacktraceof the error when I hit the URL http://localhost:8000/city/localities?cityName=bangalorewith POST method.
这里是堆栈跟踪错误时,我打了URL 的http://本地主机:8000 /城市/地区的cityName =班加罗尔与POST方法。
TokenMismatchException in VerifyCsrfToken.php line 53:
in VerifyCsrfToken.php line 53
at VerifyCsrfToken->handle(object(Request), object(Closure))
at call_user_func_array(array(object(VerifyCsrfToken), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
ShareErrorsFromSession.php line 54
at ShareErrorsFromSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(ShareErrorsFromSession), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
StartSession.php line 62
at StartSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(StartSession), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
AddQueuedCookiesToResponse.php line 37
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure))
at call_user_func_array(array(object(AddQueuedCookiesToResponse), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in EncryptCookies.php line 59
at EncryptCookies->handle(object(Request), object(Closure))
at call_user_func_array(array(object(EncryptCookies), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
CheckForMaintenanceMode.php line 42
at CheckForMaintenanceMode->handle(object(Request), object(Closure))
at call_user_func_array(array(object(CheckForMaintenanceMode), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 103
at Pipeline->then(object(Closure)) in Kernel.php line 122
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 87
at Kernel->handle(object(Request)) in index.php line 54
at require_once('C:\Users\betaworks02\Documents\gharbhezoBackend\public\index.php') in server.php line 21
回答by Tariq Khan
If you are building an API its best to place the CRSF middle ware on per route basis rather than placing it as a global middleware. To make it as a route middleware go to the "/app/Http/Kernel.php" file.
如果您正在构建 API,最好在每个路由的基础上放置 CRSF 中间件,而不是将其放置为全局中间件。要使其成为路由中间件,请转到“ /app/Http/Kernel.php”文件。
/**
* The application's global HTTP middleware stack.
*
* @var array
*/
protected $middleware = [
'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
'Illuminate\Cookie\Middleware\EncryptCookies',
'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
'Illuminate\Session\Middleware\StartSession',
'Illuminate\View\Middleware\ShareErrorsFromSession',
//comment out to avoid CSRF Token mismatch error
// 'App\Http\Middleware\VerifyCsrfToken',
];
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => 'App\Http\Middleware\Authenticate',
'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
'guest' => 'App\Http\Middleware\RedirectIfAuthenticated',
'cors' => 'App\Http\Middleware\CorsMiddleware',
'api' => 'App\Http\Middleware\ApiMiddleware',
'csrf' => 'App\Http\Middleware\VerifyCsrfToken'// add it as a middleware route
Now you can place it on the routes where you need it for example
现在您可以将其放置在您需要的路线上,例如
Route::get('someRoute', array('uses' => 'HomeController@getSomeRoute', 'middleware' => 'csrf'));
Route::get('someRoute', array('uses' => 'HomeController@getSomeRoute', 'middleware' => 'csrf'));
For your case where you don't need CSRF token matching it should work fine now.
对于您不需要 CSRF 令牌匹配的情况,它现在应该可以正常工作。
回答by Luis Morales
You do not need to fully override the CFSR token from your app. In your App/Http/Midlleware folder go to VerifyCsrfToken.php and include your API route to the exception as follows:
您不需要从您的应用程序中完全覆盖 CFSR 令牌。在您的 App/Http/Midleware 文件夹中,转到 VerifyCsrfToken.php 并将您的 API 路由包含到异常中,如下所示:
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'api/*',
];
The * shows for all routes inside your API.
* 显示 API 中的所有路由。
回答by Bill Kremer
I was getting the same error, but with all the warnings about overriding CSRF validation, didn't want to change those settings.
我遇到了同样的错误,但所有关于覆盖 CSRF 验证的警告,不想更改这些设置。
I eventually found that my Session Driver in /config/session.php was defaulting to memcached, and since I was on a development server I needed to override the SESSION_DRIVER env variable with 'file' to use the session in /storage/framework/sessions.
我最终发现 /config/session.php 中的会话驱动程序默认为 memcached,并且由于我在开发服务器上,因此我需要使用“文件”覆盖 SESSION_DRIVER 环境变量以使用 /storage/framework/sessions 中的会话.
/.env
SESSION_DRIVER = file
