TokenMismatchException in VerifyCsrfToken.php line 68:

Is this link helps

https://github.com/laravel/framework/issues/16064

@tomi

Thank you for your post. However, I checked that issue, I didn't do anything wrong...

@Kristories

Yup... even form is generating CSRF code.

Check your session setting. Also confirm you got same session id on different pages. Token saved in session and if session id changed due to file storage issue or session domain configuration issue it will not matched.

Following token match method from Illuminate\Foundation\Http\Middleware/VerifyCsrfToken :

protected function tokensMatch($request)
    {
        $sessionToken = $request->session()->token();

        $token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');

        if (! $token && $header = $request->header('X-XSRF-TOKEN')) {
            $token = $this->encrypter->decrypt($header);
        }

        if (! is_string($sessionToken) || ! is_string($token)) {
            return false;
        }

        return hash_equals($sessionToken, $token);
    }

@ehtasham

TQ for your replay. Yes, I checked there, everything is fine. But still have same issue...

I get that exception randomly in production apps. Bugsnag reports are of no use. However, it usually involves someone who clears there browser history and cookies often or uses a VPN. I get probably one or two per week.

Thank @ejdelmonico

I used Bugsnag as well to get that.. but nothing found...

Diving in further. I have been watching these exceptions closely because it usually occurs with the same users. I find that the app doesn't find a token and issues a new one. Meanwhile, it finds the remember token exists. I am not sure if that is a good lead but I am watching.

Finally I found the way out...

Huh... Its because of Cache of my browser...

Thanks all for your kind help...

Hey tisuchi!

I find great you realized what was the problem but can you share how do yo dou to deal with this error with the world? Thanks :)

@anarela

Actually it was because of the Cache of my browser. I deleted all the cache of my browser, than it has fixed.

for those who is suffering from this problem while writing an API and testing it with Postman .. here is how i fixed it :

1- make sure that you added a header with key = X-Requested-With , value = XMLHttpRequest .

2 - ((more important)) go to app/Providers/RouteServiceProvider , and find the function mapWebRoutes() , and remove the section " middleware('web') -> " that totally worked for me ..

If it is occuring in the Form then it will appearing due to the Version problem you have Write the Code of Laravel 5.6 but your Composer Support 5.4 or some different version try to go on Laravel official Website it will help you Help me!!

If you already set the csrf_field() and tried everything else, try the following steps

  1). Remove 'SESSION_DRIVER' field from your .env
  2). Go to your config/session.php and in domain mark the second parameter of env() 
    to null i.e.

  'domain' => env('SESSION_DOMAIN', null)

  3). Run php artisan cache:config and php artisan cache:clear 
  4). Restart the server and clear your browser cache, and whoaa may be all things are 
  up and running now.

Thank you @Shahrukh4

The problem was solved in 1 year ago in my side. :)

In your storage/cache folder you will find a session file. Delete it.

i have TokenMismatchException in VerifyCsrfToken.php line 68: issue on live server on local its work perfectly