Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
How are you.
I have a project, that after starting the session, it expires after 15 minutes of inactivity, it works well. The problem is when I leave the login for more 15 minutes, http: //proyectodos.test/login When I login with username and password it tells me that time expires, so I have to update the page to be able to login.
Is there any way to exclude the expiration time to the main login path?
You would need to exclude the login page from csrf. This is easily done but not recommended.
https://laravel.com/docs/5.7/csrf#csrf-excluding-uris
Better to leave the user on a page that does not have the login form, but just a login button, which they press and then see a fresh login form.
thanks Snapey I understand what you say
Please or to participate in this conversation.