Level 63
Hello,
I have the same problem and me too I don't have solved this issue.
I have to reload the page ot have it working.
I thought about a default on how the browser is storing the session on the mobile, but it's only a hypothesis.
Jan 6, 2023
15
Level 2
419 Login Link Expired Errors - On mobile only?
Hi I have an irritating bug that has recently started happening, I just can't work it out.
Login always works on my desktop, ipad etc - and presumably for all of my customers as they're not complaining!
However on my phone (chrome) I repeatedly get redirected to the 419 error page. Sometimes it does actually log me in, but I still get redirected here!
The CSRF token is on the form, I've cleared browser and server caches, any ideas?
Level 3
Guys, I have the answer! (to my 419 error)
The core issue is that Google Chrome on mobile now automatically tries to submit the "Log In" form for you when using its password manager. [1]
So, if you are like me, you are inadvertently submitting the form twice..
- First, when you select your password (per [1])
- Second, when you click the "Log In" button
The second click is what causes the 419 error, and is why a simple refresh, after you see the 419 error, indicates that you are logged in.
This behavior isn't really Laravel's fault, but it is so annoying and pernicious, it should probably be addressed in the core.
[1] https://www.androidpolice.com/google-chrome-android-faster-sign-in-websites/
8 likes
Level 2
@therocksandiego yes… that is exactly it, thank you!
I have just realised I’m clicking again while the form is already being submitted. I guess I will need to redo my php login page with some JS to detect the form submission and disable the button while it’s doing it.
Edit: and yeah that fixed it 👍
3 likes
Level 102
@therocksandiego Ouch. That could also give us issues with where to place Remember me. Often people mark that after filling out the password :/
But nice find! That is really good to know
2 likes
Level 63
@therocksandiego After the 419 error, I refresh the page, but I'm not logged in, it just refresh the login page.
Level 3
@vincent15000 Oh no! You might be experiencing a different issue then. :/ This link has 4 additional solutions. Maybe one of them applies to your situation: https://bobcares.com/blog/laravel-error-419-session-expired/
1 like
Level 63
@therocksandiego Thank you ;) ... I have tested each solution and clearing the browser's cache works, but I cannot ask each user to clear the browser's cache.
Level 2
@therocksandiego you are a lifesaver! ;-) I had this issue for months now and couldn't find out why I got these stupid 419 on mobile chrome!!
For anybody who looks for a solution, I fixed it with some alpinejs on the login form:
<div x-data="{ submitButtonDisabled: false }">
<form method="POST" action="{{ route('login') }}" x-on:submit="submitButtonDisabled = true">
<!-- login input fields ... -->
<button type="submit" x-bind:disabled="submitButtonDisabled">Log In</button>
</form>
</div>
5 likes
Level 2
@flymke This is a perfect easy solution for the the doubleclick issue that became a noticable issue because of the password manager.
1 like
Level 2
@geerizzle Try using debounce in your js frontend. it can also help a lot with performance, especially when filtering.
1 like
Level 51
This issue sounds vaguely familiar and it was fixed by updating/downgrading the Laravel version.
1 like
Level 63
@webrobert I have this problem with Laravel 8.75 and Laravel 9.19.
Level 51
ahh, maybe not, I found the thread. Looks like it was actually giving a different error. I didnt go back and read the issue but as I remember internally it was fortify or jetstream related.
1 like
Level 63
@webrobert I will test this tomorrow ... thank you ;).
Level 1
Hi to everyone! I have been using this site a lot in the last months, since I discovered this marvel, Laravel. About this, I have the same symptom, but the cause is not the double click, I just let Android Chrome to send the form without clicking SEND, but I get the error anyway. If I refresh, it asks to resend the form, I say yes, and same error again. In the same phone, Opera does not have that problem, it works flawlessly. This is my code, out-of-the-box Breeze code. Can someone throw me a rope, please? I cannot present the system to my client with that mistake. I find it very surprising that Laravel has not provided a solution for this, being that they care about the most minimal details. Thanks in advance.
<form method="POST" action="{{ route('login') }}">
@csrf
<!-- Email Address -->
<div>
<x-input-label for="email" :value="__('Email')" />
<x-text-input id="email" class="tw-block tw-mt-1 tw-w-full" type="email" name="email" :value="old('email')" required autofocus autocomplete="username" />
<x-input-error :messages="$errors->get('email')" class="tw-mt-2" />
</div>
<!-- Password -->
<div class="tw-mt-4">
<x-input-label for="password" :value="__('Password')" />
<x-text-input id="password" class="tw-block tw-mt-1 tw-w-full"
type="password"
name="password"
required autocomplete="current-password" />
<x-input-error :messages="$errors->get('password')" class="tw-mt-2" />
</div>
<!-- Remember Me -->
<div class="tw-block tw-mt-4">
<label for="remember_me" class="tw-inline-flex tw-items-center">
<input id="remember_me" type="checkbox" class="tw-rounded dark:tw-bg-gray-900 tw-border-gray-300 dark:tw-border-gray-700 tw-text-indigo-600 tw-shadow-sm focus:tw-ring-indigo-500 dark:focus:tw-ring-indigo-600 dark:focus:tw-ring-offset-gray-800" name="remember">
<span class="tw-ml-2 tw-text-sm tw-text-gray-600 dark:tw-text-gray-400">{{ __('Remember me') }}</span>
</label>
</div>
<div class="tw-flex tw-items-center tw-justify-end tw-mt-4">
@if (Route::has('password.request'))
<a class="tw-underline tw-text-sm tw-text-gray-600 dark:tw-text-gray-400 hover:tw-text-gray-900 dark:hover:tw-text-gray-100 tw-rounded-md focus:tw-outline-none focus:tw-ring-2 focus:tw-ring-offset-2 focus:tw-ring-indigo-500 dark:focus:tw-ring-offset-gray-800" href="{{ route('password.request') }}">
{{ __('¿Forgot your password?') }}
</a>
@endif
<x-primary-button class="tw-ml-3">
{{ __('Log in') }}
</x-primary-button>
</div>
</form>
1 like
Please or to participate in this conversation.