Laravel 5.8 419 页面过期 - 登录后
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/57766042/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
419 Page Expired Laravel 5.8 - After Login
提问by Karthik
I Created one Project in Laravel 5.8. In my Local Environment(PHP 7.2) its working good. when i hosted this project in to my server(PHP 7.1) using cpanel after login its return 419 Page Expired Error.
我在 Laravel 5.8 中创建了一个项目。在我的本地环境(PHP 7.2)中,它运行良好。当我在登录后使用 cpanel 将此项目托管到我的服务器(PHP 7.1)时,返回 419 页面过期错误。
Mylogin Form Code:
Mylogin 表单代码:
<form method="POST" action="{{ route('login') }}" id="login-form">
@csrf
<div class="form-group">
<label for="username">{{ __('Username / Email Address') }}</label>
<input type="text" class="form-control{{ $errors->has('username') ? ' is-invalid' : '' }} boxed" name="username" id="username" value="{{ old('username') }}" required autofocus>
</div>
@if ($errors->has('email'))
<span class="invalid-feedback" role="alert">
<strong>{{ $errors->first('email') }}</strong>
</span>
@endif
<div class="form-group">
<label for="password">{{ __('Password') }}</label>
<input type="password" class="form-control{{ $errors->has('password') ? ' is-invalid' : '' }} boxed" name="password" id="password" required>
</div>
@if ($errors->has('password'))
<span class="invalid-feedback" role="alert">
<strong>{{ $errors->first('password') }}</strong>
</span>
@endif
<div class="form-group" style="margin-bottom: 0px; float:left;">
@if (Route::has('password.request'))
<a href="{{ route('password.request') }}" class="forgetpwd">
{{ __('Forgot Your Password?') }}
</a>
@endif
</div>
<div class="form-group" style="text-align: center;">
<button type="submit" class="btn btn-warning" style="padding:0.5rem 1.8rem;">Login</button>
</div>
</form>
I cleared Cache and Cookies but, Same issue Displayed.
我清除了缓存和 Cookie,但是显示了相同的问题。
回答by farooq
Use this in the head section instead of @csrf :
在 head 部分使用它而不是 @csrf :
<meta name="csrf-token" content="{{ csrf_token() }}">
回答by zoider23
This can also be down to session persistence issues. What driver are you using for session handling?
这也可以归结为会话持久性问题。您使用什么驱动程序进行会话处理?
There's a good read at https://github.com/laravel/framework/issues/26106that explains issues and solutions. However, the comment at https://github.com/laravel/framework/issues/26106#issuecomment-444121367may be of more use to you.
https://github.com/laravel/framework/issues/26106上有一篇很好的文章,其中解释了问题和解决方案。但是,https://github.com/laravel/framework/issues/26106#issuecomment-444121367 上的评论可能对您更有用。
回答by Abdulrehman Sheikh
This error occurs due to CSRF token verification failure, misconfigured cache, permissions, improper session settings. This error shows up when a user submits a post request. You can fix it by doing belows:
发生此错误的原因是 CSRF 令牌验证失败、缓存配置错误、权限、会话设置不当。当用户提交发布请求时会出现此错误。您可以通过执行以下操作来修复它:
CSRF token verification failure The most common reason for the 419 error is CSRF token failure. Cross-site request forgery is a unique, encrypted value generated by the server. This is included in the HTTP request of the client. Later the server verifies it. If this fails, it leads to session expired error. So, you check the CSRF setting in the Laravel config.
Session expired error due to cache Sometimes, the cache can also lead to session expired error in front-end. This can be both the server cache and browser cache. So, clear the server cache using
php artisan cache:clear.Laravel file and folder permissions Similarly, improper file or folder permission can also lead to errors. Usually, web servers need write-permissions on the Laravel folders storage and vendor. Also, session storage needs write-permission. So, give permissions as,
chmod -R 755 storage
chmod -R 755 vendor
chmod -R 644 bootstrap/caches
CSRF 令牌验证失败 419 错误的最常见原因是 CSRF 令牌失败。跨站请求伪造是由服务器生成的唯一的、加密的值。这包含在客户端的 HTTP 请求中。稍后服务器对其进行验证。如果失败,则会导致会话过期错误。因此,您检查 Laravel 配置中的 CSRF 设置。
由于缓存导致会话过期错误有时,缓存也会导致前端会话过期错误。这可以是服务器缓存和浏览器缓存。因此,请使用
php artisan cache:clear.Laravel 文件和文件夹权限 同样,不正确的文件或文件夹权限也会导致错误。通常,Web 服务器需要对 Laravel 文件夹存储和供应商的写权限。此外,会话存储需要写权限。所以,给权限,
chmod -R 755 存储
chmod -R 755 供应商
chmod -R 644 引导程序/缓存
Laravel session setting Last but not least, session settings can also cause a 419 error. The app/config/session.php is the session config file. Check for a few important parameters – domain and secure.
Laravel 会话设置 最后但并非最不重要的是,会话设置也会导致 419 错误。app/config/session.php 是会话配置文件。检查一些重要的参数——域和安全。
'domain' => env('SESSION_DOMAIN', null),
'secure' => env('SESSION_SECURE_COOKIE', false), // in case of cookie
These step by step approach fixes the error and make Laravel working again.
这些循序渐进的方法修复了错误并使 Laravel 再次工作。
回答by king neo
Yes, the problem is caused by the csrf_token. @csrf return only the token but which is going to be sent so use csrf_field() which will generate a hidden input field. Or you can remove this route from middleware like below, which is not recommended as it's your authenticate route. Also, try
是的,问题是由 csrf_token 引起的。@csrf 仅返回令牌但将被发送,因此使用 csrf_field() 将生成一个隐藏的输入字段。或者您可以从中间件中删除此路由,如下所示,不推荐这样做,因为它是您的身份验证路由。另外,试试
Clear cache : php artisan cache:clearGenerate new app key : php artisan key:generate
清除缓存:php artisan cache:clear生成新的应用密钥:php artisan key:generate
class VerifyCsrfToken extends Middleware
{
/**
* Indicates whether the XSRF-TOKEN cookie should be set on the response.
*
* @var bool
*/
protected $addHttpCookie = true;
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'/login'
];
}
