Hello,
How would you handle an expired CSRF token in a login form, which leads to a 419 error? Currently what I do is an ugly "solution", which is to catch a 419 error and simply refresh the login form when a user tries to log in; then he needs to enter his credentials again.
But is there a better way to do it, i.e., detect an expired token, regenerate the token and re-send the login form? Or would that not be secure?
This rarely happens; it only happens if a user left his browser open, for example, but I still wanted a better approach.
Thanks
The best solution is to not leave the user on a page with a login form when they log out.
But I have other ideas also:
https://talltips.novate.co.uk/laravel/csrf-and-expired-login-forms