0 Best Reply Awards

  • Member Since 4 Years Ago
  • 197 Lessons Completed
  • 11 Favorites

28th December, 2015

JacobBennett left a reply on Session Lifetime Timeout And Csrf Token Mismatch • 2 years ago

You guys might also check this package out...


sounds like exactly the solution we are talking about.

24th November, 2015

JacobBennett left a reply on Middleware Parameters • 2 years ago

@sukonovs has the correct answer on this one for anyone wondering... it's just not marked as such. @johnwheal, Care to mark it as the accepted answer?

JacobBennett left a reply on Laravel 5.1 Get Mail Status • 2 years ago

By status do you mean if the email has been sent or not? If so, I don't believe that is accessible.

23rd November, 2015

JacobBennett left a reply on [L5] PJAX With Laravel 5 • 2 years ago

I know this is old, but just to chime in here, as @timrpeterson stated, the pjax default timeout is pretty quick, I think something like 500ms. If your request exceeds that before getting a response from the server, pjax will fall back to non-pjax mode and just make the request as it normally would.

This ends up looking really odd and takes a while to recognize until you open chrome tools and check the Preserve log checkbox on the network tab. When you do that you can see exactly what is happening as described above.

The solution is to extend the timeout for pjax


    // does current browser support PJAX
    if ($.support.pjax) {
        $.pjax.defaults.timeout = 1000; // time in milliseconds


The alternative is to get a faster response time which is far less trivial than the above solution.

17th March, 2015

JacobBennett left a reply on CRSF Checked Before Auth • 3 years ago

@Snapey that makes sense, and you're right, that is better wording for the problem the user is having. Might have to revisit my code :)

14th March, 2015

JacobBennett left a reply on Session Lifetime Timeout And Csrf Token Mismatch • 3 years ago

I shared my solution over on the other thread for this that @Snapey started as well. Had this problem in a production app that was causing all sorts of mayhem. My solution was sort of like what you said @Snapey. I hate how banks pop-up this window letting you know your session is about to expire, but I had to resort to something similar.

@bashy are you suggesting an AJAX sort of heartbeat function to keep the session active over the 2 hour restriction? Say like every 30 minutes if a user is still on a form that hasn't been submitted, send an AJAX request over the line just to keep the token valid?

Linked other discussion https://laracasts.com/discuss/channels/general-discussion/crsf-checked-before-auth

JacobBennett left a reply on CRSF Checked Before Auth • 3 years ago

Had this same problem not too long ago. Chose to display a javascript pop-up letting the user know they had an expired session. The two options were to renew their session, or to log out. In the case that they renewed the session, I simply refreshed the page, which would catch an expired session on route that is protected by the auth middleware, so the user would be prompted to log in again. In my Sessions Controller, I made sure that my store method was using a Redirect::intended('default.route') after logging in to send users that had chosen to refresh back to the page they were just on. Those who chose to log out of course were just sent to the logout page.

The way you are doing it seems like it would work just fine as well, but would be a good idea to use the Redirect::intended() to send users back to the location they were at previously.

Edit Your Profile

Want to change your profile photo? We pull from gravatar.com.