Level 75
May 5, 2017
9
Level 1
Laravel 5.4 TokenMismatchException in VerifyCsrfToken.php line 68 on some device
I know it's one of the most asked question around here, but I really read everything on the first 10 pages results on google and nothing solved my problem.
On a fresh installation of laravel 5.4 , generated the auth controller, views, etc. via php artisan make:auth when I try to register (or login) in some device I get the following error:
TokenMismatchException in VerifyCsrfToken.php line 68
I'm running this application in local on debian 8.7 and php7 (could it be related to the problem in some way ?) From my pc, iphone 7, another windows 10 desktop it works perfectly, but on a Huawei p8 lite, ipad 2 and lubuntu (quite old version) I get that error. So it's really weird because it just happends with some device (no matter whaht O.S. no matter what browser).
And also if I run a project that I created on another pc where it works, it gives me the same TokenMismatchException problem (on my pc too). The weird thing is that if I move all those projects somewhere else (like another pc or on a remote server) they work perfectly! So I come to conclusion that there must be something wrong with my configuration in some way, but I tried to reinstall composer and laravel too with no luck.
I can already tell you that I tried grant permissions to sessions folder, change session_domain, clearing cache (but as I said I'm trying this on a fresh installation), change {{ csrf_token }} to {!! csrf_token !!} , etc.
Just to give you more information about my system, this is the php version i'm using:
php --version PHP 7.0.17-1~dotdeb+8.1 (cli) ( NTS ) Copyright (c) 1997-2017 The PHP Group Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies with Zend OPcache v7.0.17-1~dotdeb+8.1, Copyright (c) 1999-2017, by Zend Technologies
I'm really stuck on this for a month now. Got no more ideas.
Level 1
I already saw that issue and I tried everything but nothing worked. In that post someone says that it usually ends up with a misconfiguration, but this is not the case because the same project works perfectly if run on other pc. That makes me think it's related to some configuration of my system itself, but I got no more ideas.
Thank you anyway
EDIT:
I just reinstalled composer and laravel for the umpteenth time changing also the installation path, but still the same error. it's a nightmare..I really can't get rid of this..
By the way I receive two different tokens when it happends..
Level 14
This is a very long shot - what is the name of your cookie?
Is it the default laravel_session? If so - try and change it to laravelsession? Does that solve it?
Level 2
use {{ csrf_field() }} in your form or better still you should use Laravel collective
Level 1
@laurence I tested everything on a fresh installation so yes, it's the default laravel_session and I already tried to chang it as well.
@nanpaul68 It's the default auth view and also with another form with {{ csrf_field }} I still get the same issue.
Level 14
Oh - I just re-read your issue.
The problem is nothing to do with tokens - the problem is your sessions. For whatever reason - your sessions are broken on the other computer. This shows as a token_mismatch error - because when your session breaks, your token is wrong by default.
Try a different session driver.
Level 1
Thank you for your interest and sorry for the late.
Actually I found out that a fresh installation, after clearing the cache of the browsers on all the devices, was working fine. So I set up a SESSION_DOMAIN= in the .env file (it was null into the session.php file). But I didn't use localhost (because it wasn't working either), I inserted a custom domain (previously added in /etc/hosts) and it started working again.
I don't know what exactly happened and why, but it seems to work in this way.
p.s.
@laurence you were on the right way. thanks!
Level 1
I was having the same issue. Make sure you change the permissions on your storage/framework folders (session, cache and views) to 777.
Level 4
If you alreade set the csrf_field() and tried everything else, try the following steps
1). Remove 'SESSION_DRIVER' field from your .env
2). Go to your config/session.php and in domain mark the second parameter of env()
to null i.e.
'domain' => env('SESSION_DOMAIN', null)
3). Run php artisan cache:config and php artisan cache:clear
4). Restart the server and clear your browser cache, and whoaa may be all things are
up and running now.
Please or to participate in this conversation.