Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

lungolagodev's avatar

419 Page Expired of form submit

I have several pages with forms (yes the @csrf is in place), when the session expires if I refresh the page it takes me back to the login screen (based on the middleware instructions defined in the routes). But if I press on a submit button then it fails and shows me the page expired message. When the session is expired if I press on any submit buttons I should also be redirected to the login screen.

How can I accomplish this?

Thanks a lot

0 likes
5 replies
LaryAI's avatar
LaryAI
AI
1 year ago
Level 58

To handle the "419 Page Expired" error and redirect users to the login screen when their session has expired, you can customize the behavior in your Laravel application. Here’s a step-by-step solution:

  1. Create a Middleware to Handle Expired Sessions: Create a middleware that will check for the 419 status code and redirect the user to the login page.

    Run the following command to create a middleware:

    php artisan make:middleware RedirectIfSessionExpired

  2. Implement the Middleware Logic: Open the newly created middleware file app/Http/Middleware/RedirectIfSessionExpired.php and add the following code:

    <?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class RedirectIfSessionExpired
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        $response = $next($request);

        if ($response->status() === 419) {
            return redirect()->route('login')->with('message', 'Your session has expired. Please log in again.');
        }

        return $response;
    }
}

  3. Register the Middleware: Register the middleware in app/Http/Kernel.php. Add the middleware to the $middleware array:

    protected $middleware = [
    // Other middleware
    \App\Http\Middleware\RedirectIfSessionExpired::class,
];

  4. Handle the Redirect in the Frontend: Optionally, you can handle the redirect in the frontend using JavaScript to provide a better user experience. For example, you can listen for form submissions and check for the 419 status code:

    document.addEventListener('submit', function (event) {
    event.preventDefault();
    let form = event.target;

    fetch(form.action, {
        method: form.method,
        body: new FormData(form),
        headers: {
            'X-Requested-With': 'XMLHttpRequest',
            'X-CSRF-TOKEN': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
        }
    }).then(response => {
        if (response.status === 419) {
            window.location.href = '/login';
        } else {
            return response.json();
        }
    }).then(data => {
        // Handle successful form submission
    }).catch(error => {
        console.error('Error:', error);
    });
});

  5. Display a Session Expired Message: In your login view, you can display the session expired message if it exists:

    @if (session('message'))
    <div class="alert alert-warning">
        {{ session('message') }}
    </div>
@endif

By following these steps, you ensure that when a user’s session expires and they attempt to submit a form, they will be redirected to the login page with an appropriate message.

1 like
tisuchi's avatar

@lungolagodev What session driver you are using?

Is that file?

IF SO, then storage/framework/sessions directory must be writable by the web server.

e.g.

sudo chown -R www-data:www-data storage
sudo chmod -R 775 storage
tisuchi's avatar

@jurky3fo It might not be applicable to the database.

In that case, maybe you can increase the deine session time in the env.

Please or to participate in this conversation.