TokenMismatchException in VerifyCsrfToken.php line 67 only on live server

8
votes

I'm getting this error when I try to use auth in Laravel 5.2. That had happened after moving to live server. On my local server everything works fine.

Token inside form and is Session:token() are the same.

UPD: I put dd($request) in laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php

and the _token value NOT matches _token input that is in form.

I tried:

  • Disable CSRF for auth routes, added routes in except array in Midd/VerifyCsrfToken.php.
    • Set up 777 rights to /storage /bootstrap folders.
    • Used {!! csrf_field() !!} and name="_token" value="{{ csrf_token() }}">.
    • Changed domain in config/session.php.
    • php artisan key:generate.
    • Re-installed Auth. Also routes where I have middleware = auth.basic I'm getting "Invalid credentials" even without asking to log in at first.

On my local server it works fine.

2
phplaravel-5laravel-5.2
Check Laravel's session directory. Maybe you do not permission to write.Tam Nguyen
The storage folder and all folders inside have 777 rights , also when I delete all files from session directory they appear again.zm_fans
Did you try this: stackoverflow.com/questions/34866404/…Tam Nguyen
If you use the same doamin for local and live server. Clear your web cookie will fix itTam Nguyen
I have tried everything from that article, my local env on my laptop, but prod on a remote server.zm_fans

2 Answers

0
votes

Does your handler look like this?

<?php 
...
public function handle( $request, Closure $next )
{
    if (
        $this->isReading($request) ||
        //$this->runningUnitTests() ||
        $this->shouldPassThrough($request) ||
        $this->tokensMatch($request)
    ) {
        return $this->addCookieToResponse($request, $next($request));
    }

    // redirect the user back to the last page and show error
    return Redirect::back()->withErrors('Sorry, we could not verify your request. Please try again. (You waited too long to submit your form)');
}
0
votes

Try it it will solve your problem, It is because of http and https conflict.

Goto "session.php" file change this: 

'secure' => env('SESSION_SECURE_COOKIE', false),

to this: 

'secure' => true,