Login Page - refresh token before post submit as login page has been open for ages

When a user logs in, a POST to /login includes _token data, and I understand why this is necessary.

We have implemented idle-time-logout after X minutes.

If a user is logged out by our application in a browser tab they are not using, and when they go to log back in, we have found a lot of TokenMismatchExceptions being thrown.

This is confusing as the user thinks it is a password issue, as they are unaware of the token.

When logging in, I don't think you should even need a token - it should be how you OBTAIN a token, not require you to already have one.

Is there a way to allow people to log in from a stale login page?