Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hi!
I'm using in my application (Laravel 5 and PHP 5.6.22) and when I try to perform ajax requests sometimes I get the error TokenMismatchException . But I find the error reason and not a standard for error occurs. I searched the forum but did not find solution.
I running application on artisan:
php artisan serve --port 1334
master.blade.php:
<meta name="token" content="{{ csrf_token() }}">
my JS file:
var token = $('meta[name="token"]').attr('content');
headers: { 'X-CSRF-TOKEN': token },
Whoops, looks like something went wrong.
1/1 TokenMismatchException in VerifyCsrfToken.php line 46:
in VerifyCsrfToken.php line 46
at VerifyCsrfToken->handle(object(Request), object(Closure)) in VerifyCsrfToken.php line 17
at VerifyCsrfToken->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in ShareErrorsFromSession.php line 55
at ShareErrorsFromSession->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in StartSession.php line 61
at StartSession->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in AddQueuedCookiesToResponse.php line 36
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in EncryptCookies.php line 40
at EncryptCookies->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in CheckForMaintenanceMode.php line 42
at CheckForMaintenanceMode->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 101
at Pipeline->then(object(Closure)) in Kernel.php line 115
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 84
at Kernel->handle(object(Request)) in index.php line 53
at require_once('C:\xampp\htdocs\smartmage\smartmage\public\index.php') in server.php line 21
For example, a page of my application makes 4 requests, 3 were performed with success and a given error. Looking firebug the 4 requests has the same token, sometimes works the 4 requests, sometimes one fails and returns TokenMismatchException
@VitaliBR the token does have an expiry. This time can be changed by increasing the session time in config/session.php
'lifetime' => 120,
But I seriously suggest refreshing the token periodically:
Route::get('get-new-csrf', function(){ return csrf_token(); });
function getNewToken() {
$.get('get-new-csrf').done(function(data){
$('meta[name="token"]').prop('content', data);
});
};
setInterval(getNewToken, 60000); // Each minute
You can't refresh it. Its the same until timeout.
Refresh it at the timeout then.
Nice @usama.ashraf !
I performed a debug class in VerifyCsrfToken and I saw that when the exception occurs is when my request token is different from session token, as you just told me!
About updating the token periodically is a good practice? every minute?
Thanks
@usama.ashraf that's a nice solution. Ty!
Please or to participate in this conversation.