madala's avatar

TokenMismatchException

When I click logout in my application it shows TokenMismatchException and I don't understand why. Also, while I browse my application, in the middle it shows a TokenMismatchException. Can anyone help me with this?

maculus1's avatar

Hey MADALA, what is the value of the SESSION_DRIVER located in the .env file?

Indemnity83's avatar

Madala; I'm guessing you're using a form for your logout button; any form will require that you include the CSRF token. Two ways to fix this kind of problem:

1. Add the csrf_token to the logout form

<form action="/logout" method="POST">
    {{ csrf_field() }}   <!-- Add this line -->
    <button type="submit">Logout</button>
</form>

2. Use a basic link instead, no need for csrf token

<a href="/logout">Logout</a>

nikocraft's avatar

@Indemnity83 I haven't tried the second approach, but I am sure it will not work, since in Laravel 5.3 the logout action has been changed from GET to POST and you are giving an example for GET. I have also noticed that sometimes when I try to log out, Laravel throws a TokenMismatchException.

I think the change from GET to POST for logout is not so smart in this case, since users could be logged in to a website for hours and then when they try to log out it does not work.

nikocraft's avatar

This is the code Laravel generates by default, and it's using POST:

<a href="{{ url('/logout') }}"
    onclick="event.preventDefault();
             document.getElementById('logout-form').submit();">
    Logout
</a>

<form id="logout-form" action="{{ url('/logout') }}" method="POST" style="display: none;">
    {{ csrf_field() }}
</form>

nikocraft's avatar

@MADALA the only way to solve the problem is to either increase the lifetime of the session to a large value (currently it's 2 hours), or use a package that automatically generates a new token when the old one expires.

Indemnity83's avatar

Ah, you're right; the logout requires a POST. But you said an interesting thing there...

"the only way to solve the problem is either increase the lifetime of session to a large value"

If your session times out, you are by definition already logged out; is it just the error message you're trying to avoid?
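
Added example, not part of the thread and not Laravel's own code: one way to avoid the raw error page while keeping logout as a CSRF-protected POST is to catch TokenMismatchException in the application's exception handler. It assumes a Laravel 5.3 application with the generated app/Exceptions/Handler.php and a /login route; the helper name tokenMismatch() and the messages are hypothetical.

```php
<?php
// app/Exceptions/Handler.php -- merge these methods into the generated class.

namespace App\Exceptions;

use Exception;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Illuminate\Session\TokenMismatchException;

class Handler extends ExceptionHandler
{
    // Keep the generated $dontReport, report() and unauthenticated() members unchanged.

    public function render($request, Exception $exception)
    {
        if ($exception instanceof TokenMismatchException) {
            return $this->tokenMismatch($request);
        }

        return parent::render($request, $exception);
    }

    // Hypothetical helper: decides what the user sees after a rejected token.
    protected function tokenMismatch($request)
    {
        // AJAX/API clients get a status they can react to instead of an HTML page.
        // 419 is the non-standard "page expired" status; the choice is an assumption.
        if ($request->expectsJson()) {
            return response()->json(['error' => 'Session expired.'], 419);
        }

        // The POST was rejected before the controller ran, so no state changed.
        // If the session really expired the user is already logged out; if the
        // request was forged, a still-valid session is left untouched.
        if ($request->is('logout')) {
            return redirect('/login');
        }

        // Any other form: return to it with a fresh token and the old input,
        // minus the stale token and any password fields.
        return redirect()->back()
            ->withInput($request->except('_token', 'password', 'password_confirmation'))
            ->withErrors(['token' => 'Your session expired. Please submit the form again.']);
    }
}
```

The CSRF check itself stays in place: /logout is neither switched back to GET nor added to the $except list of the VerifyCsrfToken middleware, so another site still cannot force a logout.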
