I get the error The page has expired due to inactivity. Please refresh and try again.
The page has expired due to inactivity. Please refresh and try again.
on a Laravel 5.6.39. In Chrome "Network tab" says error login - 419 unknown status
As soon as I refresh the page, I immediately get the error. So I never see the login view anymore, then I'm stuck . Think to common users that have no experience and only try to refresh the page. If it doesn't work they leave your app.
I can reproduce the error following these steps:
SESSION_LIFETIME
to 1 minute) I already read and tried the most common causes:
@csrf
is present in the login form (it's the default authentication by Laravel) storage
has 755
but tried also with 775
and 777
php artisan cache:clear
php artisan config:clear
php artisan route:clear
php artisan view:clear
php artisan config:cache
php artisan key:generate
SESSION_DRIVER=file
but in production I also tried to replace it with SESSION_DRIVER=cookie
with SESSION_DOMAIN=https://app.my-domain.com/
Here you'll find my code (controllers, view, routes, .env, ...) : https://gist.github.com/dangelion/aa7fc54ea75f7b2d6062fc79f07e04e8
I really have no more idea to solve this. Some helps? Thanks
When we update our application, a browser may still use old files. If you don't clear your cache, Old files can access problems when you apply.
after add @csrf
in form Clear the browser cache and now hope this might work
Well, I have faced the same issue, and to what I know so far, this is a session related problem. what worked for me is (after trying so many different solutions) :
SESSION_DRIVER=cookie
with SESSION_DOMAIN=null
that's all
after I spent almost hours trying to figure out the solution.
NB: this issue has a variety of solutions depends on your particular case/settings. so my solution here one of them.
It looks like that you have cache issues. Try following steps in the order I am writing them;
@csrf
is present right after the form tag starts in your form like so: <form method="POST" action="/profile"> @csrf
Run following commands:
Check the app now in an incognito browser window.
If it works, hurray.
Now you might think that its not valid as you cant ask users of your app to access the app in incognito window. Well, here is how standard web app process works:
and we develope and get all these errors on dev server, only after we resolve all this, we push it to staging server, then we test there. Only after all is resolved on staging, then we push final code to production server.
Hence user using app on production server dont need to do anything.
If you are doing all this on ONE server, you might consider doing it properly to avoid situations like this. makes sense?
I hope it helps.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.