TokenMismatchException on login

Published 1 week ago by poliam

first I created a clean project using this code

composer create-project --prefer-dist laravel/laravel blog "5.4.*"

I go inside the project then run the command

and update the .env file and I just setup the database for it

APP_NAME=Laravel APP_ENV=local APP_KEY=base64:5zK8d3VnABJYIkp89LNv/R+a2cKLxXJNB+q/XUHjdZE= APP_DEBUG=true APP_LOG_LEVEL=debug APP_URL=http://localhost

DB_CONNECTION=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_DATABASE=new_db DB_USERNAME=root DB_PASSWORD=

BROADCAST_DRIVER=log CACHE_DRIVER=file SESSION_DRIVER=file QUEUE_DRIVER=sync

REDIS_HOST=127.0.0.1 REDIS_PASSWORD=null REDIS_PORT=6379

MAIL_DRIVER=smtp MAIL_HOST=smtp.mailtrap.io MAIL_PORT=2525 MAIL_USERNAME=null MAIL_PASSWORD=null MAIL_ENCRYPTION=null

PUSHER_APP_ID= PUSHER_APP_KEY= PUSHER_APP_SECRET=

then next I run the command

php artisan make:auth

then

php artisan serve

then register a user after that I logout then login again. now I'm getting this error

TokenMismatchException in VerifyCsrfToken.php (line 68)

can someone help me. some of my old project does not have any problem. I was also looking on some of the same issue here on laracast but they did not solve it.

thanks in advance

Best Answer (As Selected By poliam)
adamprickett

Check the 'path' and 'domain' keys in config/session.php are correct.

/*
    |--------------------------------------------------------------------------
    | Session Cookie Path
    |--------------------------------------------------------------------------
    |
    | The session cookie path determines the path for which the cookie will
    | be regarded as available. Typically, this will be the root path of
    | your application but you are free to change this when necessary.
    |
    */

    'path' => '/',

/*
    |--------------------------------------------------------------------------
    | Session Cookie Domain
    |--------------------------------------------------------------------------
    |
    | Here you may change the domain of the cookie used to identify a session
    | in your application. This will determine which domains the cookie is
    | available to in your application. A sensible default has been set.
    |
    */

    'domain' => env('SESSION_DOMAIN', null),
poliam

need help thanks I already saw some of the solution are to change the chmod of the forlder but I'm on windows and I can see daa on the cache.

adamprickett

Check the 'path' and 'domain' keys in config/session.php are correct.

/*
    |--------------------------------------------------------------------------
    | Session Cookie Path
    |--------------------------------------------------------------------------
    |
    | The session cookie path determines the path for which the cookie will
    | be regarded as available. Typically, this will be the root path of
    | your application but you are free to change this when necessary.
    |
    */

    'path' => '/',

/*
    |--------------------------------------------------------------------------
    | Session Cookie Domain
    |--------------------------------------------------------------------------
    |
    | Here you may change the domain of the cookie used to identify a session
    | in your application. This will determine which domains the cookie is
    | available to in your application. A sensible default has been set.
    |
    */

    'domain' => env('SESSION_DOMAIN', null),
poliam

/ / |-------------------------------------------------------------------------- | Session Cookie Path |-------------------------------------------------------------------------- | | The session cookie path determines the path for which the cookie will | be regarded as available. Typically, this will be the root path of | your application but you are free to change this when necessary. | */

'path' => '/',

/*
|--------------------------------------------------------------------------
| Session Cookie Domain
|--------------------------------------------------------------------------
|
| Here you may change the domain of the cookie used to identify a session
| in your application. This will determine which domains the cookie is
| available to in your application. A sensible default has been set.
|
*/

'domain' => env('SESSION_DOMAIN', null),

this is what my session.php on domain looks like. I have not change anything.

adamprickett

OK - can you see the session file being created in storage/framework/sessions/?

Can you also inspect the login page and check the XSRF-TOKEN cookie is being set?

poliam

adamprickett thanks you know what is wierd after I restart my computer everything works fine now. Do you have any idea what had happen? thanks the tokens are now matching app

Sign In or create a forum account to participate in this discussion.