Laravel creates new session token but uses the old token when using csrf_token(). While validating it uses the newly created session_token() thus gives The page has expired due to inactivity.Please refresh and try again. or TokenMismatchException.
I have cleared all the cache, yet couldn't make it work
composer dump-autoload
php artisan optimize
php artisan cache:clear
php artisan config:clear
php artisan route:clear
php artisan view:clear
Before post request, this is the token
accordingly the csrf_token() also uses the same but when the post call is made, the request body uses the above token where the session_token uses the new one (NOTE: Session token does not create new token every time)
Session.php
<?php
return [
'driver' => env('SESSION_DRIVER', 'file'),
'lifetime' => 1200,
'expire_on_close' => false,
'encrypt' => false,
'files' => storage_path('framework/sessions'),
'connection' => null,
'table' => 'sessions',
'store' => null,
'lottery' => [2, 100],
'cookie' => 'laravel_session',
'path' => '/',
'domain' => env('SESSION_DOMAIN', null ),
'secure' => env('SESSION_SECURE_COOKIE', false),
'http_only' => true,
];
storage/framework/session has write permission.
TIA
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire