Level 41
Catch the CSRF exception and redirect to the login page?
Jul 17, 2015
8
Level 1
Session timeout and forwarding back to login page
I see that many others are having different issues with the session timeout. My timeout is working perfectly, but the problem is that when the users tries to update the page, after it has timed out, then I get a CSRF error. Many of the pages have forms on them, so a timeout causes an error. How do we skip the error and forward straight to the login page?
Level 56
Why would you ever have a csrf verification for a get request ?
Level 1
Maybe I did not explain it well enough. It is not a get request. It is not any request. It is a timeout while on a page that has a form. If the user attempts to continue after the timeout, then a CSRF error is thrown.
Level 56
You mean if you let the form page opened for too long then try to submit the form ?
Level 1
The page is being left open for too long. My timeout is 60 minutes. The form does not need to be submitted after the timeout. Any action taken (click on a menuitem, back button, other link, or even a refresh) will give the same error.
Level 56
click on a menuitem, back button, other link, or even a refresh
This is get request there shouldnt be any csrf verification
Level 1
Okay thank you for all of your help. Obviously, I am not explaining it correctly.
Level 42
@rpombo As RachidLaasri already suggested, act on the exception. In method render() of /app/Exceptions/Handler.php you could try something like
if ( $e instanceof \Illuminate\Session\TokenMismatchException ) {
return redirect()->route('login');
}
4 likes
Please or to participate in this conversation.