Laravel 中 Ajax 请求的令牌不匹配错误
TokenMismatch Error on Ajax Requests in Laravel
我在 Ajax 提交时收到 TokenMismatch 错误 当我提交表单时出现错误。这里我用的是Laravel 5.2。我在 ajax 通话中传递 X-CSRF-TOKEN 的地方。在 default.blade.php 上的元上设置令牌。我已经尝试了 Whosebug.
中所有可能的解决方案
- 正在更改存储文件夹的权限。
- 已尝试清除缓存。
- 尝试添加
Route::group(['middleware' => ['web','auth']], function () {
- 将
token 添加到 ajax 函数的 header。
- 尝试在表单中添加
token 字段。
任何人都可以从下面的代码中找到任何解决方案。
知道我哪里出错了吗?任何帮助将不胜感激
下面是我的分类 HTML 表格 category.blade.php:
<form method="POST" name="category-add-form" id="category-add-form" action="{{route("category-add")}}" accept-charset="UTF-8">
{{csrf_field()}}
<div class="form-group">
<label for="title">Category Title:</label>
<input class="form-control" name="category_title" type="text" value="" id="category_title">
</div>
<div class="form-group">
<label for="body">Description:</label>
<textarea class="form-control" name="category_description" cols="50" rows="10" id="category_description"></textarea>
</div>
<div class="form-group">
<input class="btn btn-primary form-control" type="submit" value="Add CAtegory">
</div>
</form>
下面是我的 app.js.
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
下面是我的 category-add.js 这是我的 ajax 代码。我没有包括整个功能。
var request;
var $inputs = $("#category-add").find("input, select, button, textarea");
var formData = new FormData($("#category-add")[0]);
request = $.ajax({
url: $("#category-add").attr("action"),
type: "POST",
data: formData,
processData: false,
contentType: false,
dataType: "json",
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
request.done(function (response, textStatus, jqXHR) {
//Notification.init(response.message);
//App.unblockUI('.block-panel-box');
});
request.error(function (response, textStatus, jqXHR) {
//App.unblockUI('.block-panel-box');
});
request.always(function () {
$inputs.prop("disabled", false);
});
下面是我的default.blade.php
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Test Project</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta content="width=device-width, initial-scale=1" name="viewport" />
<meta name="csrf-token" content="{{csrf_token()}}">
<link href="http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/font-awesome.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/simple-line-icons.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/bootstrap.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/components-md.min.css")}}" rel="stylesheet" id="style_components" type="text/css" />
<link href="{{asset("public/css/plugins-md.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/layout.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/blue.min.css")}}" rel="stylesheet" type="text/css" id="style_color" />
<link href="{{asset("public/css/responsive.css")}}" rel="stylesheet" type="text/css" />
<link rel="shortcut icon" href="favicon.ico" />
</head>
<body class="page-header-fixed page-sidebar-closed-hide-logo page-container-bg-solid page-sidebar-closed page-md">
@include('user.layout.header')
<div class="clearfix"> </div>
<div class="page-container">
@include('user.layout.sidebar')
<div class="page-content-wrapper">
@yield('content')
</div>
</div>
@include('user.layout.footer')
<div class="quick-nav-overlay"></div>
<script src="{{asset("public/js/jquery.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/bootstrap.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/jquery.slimscroll.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/app.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/category-add.js")}}" type="text/javascript"></script>
</body>
</html>
下面是我的分类路由文件route.php
Route::group(['middleware' => ['web','auth']], function () {
Route::post('/category-add', array("as" => "category-add","uses" => "CategoryController@store"));
});
下面是我的CategoryController.php
class CategoryController extends Controller {
public function store(Request $request) {
$inputs = $request->all();
$category = Category::create($inputs);
if($category){
$responseArray = array("status"=>true,"message"=>"Category successfully created");
} else {
$responseArray = array("status"=>false,"message"=>"Could not add category please try again later");
}
return response()->json($responseArray);
}
}
下面是我的.env文件
APP_ENV=local
APP_DEBUG=true
APP_KEY=base64:ratSluNv930gb3wp1UOabW6Ze3jEJn3ixtTX/wgqYZc=
APP_URL=http://project.dev/ts/cart-products
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=cart-products
DB_USERNAME=hellocart
DB_PASSWORD=j@yshre33r@m
CACHE_DRIVER=file
SESSION_DRIVER=file
QUEUE_DRIVER=sync
下面是我的config/session.php文件
return [
'driver' => env('SESSION_DRIVER', 'file'),
'lifetime' => 120,
'expire_on_close' => false,
'encrypt' => false,
'files' => storage_path('framework/sessions'),
'connection' => null,
'table' => 'sessions',
'lottery' => [2, 100],
'cookie' => 'cart-products',
'path' => '/ts/cart-products', //Change path variable URL form '/cart-products' to '/ts/cart-products'
'domain' => null,
'secure' => false,
'http_only' => true,
];
下面是我的Kernal.php
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
],
'api' => [
'throttle:60,1',
],
];
我认为你应该在要发送的数据中注入“_token”。那样
data : {
'_token' : "{{ csrf_token() }}",
'data' : formData
}
我会尝试删除类别-add.js 中的 "helpers" 条目,然后将 "ajaxSetup" 复制到同一文件中,然后再发送 ajax 请求。
<div class="quick-nav-overlay"></div>
<script src="{{asset("public/js/jquery.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/bootstrap.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/jquery.slimscroll.min.js")}}" type="text/javascript"></script>
<script type="text/javascript">
var _token = "{{ csrf_token() }}";
</script>
<script src="{{asset("public/js/app.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/category-add.js")}}" type="text/javascript"></script>
如您所见,我添加了 var _token = "{{ csrf_token() }}";在你的 js 文件之前,所以你可以在任何实现这个 blade 的 js 文件中重用这个变量,而在 ajax 中你只是这样做:
request = $.ajax({
url: $("#category-add").attr("action"),
type: "POST",
data: {
'_token' : _token,
'data' : formData
},
processData: false,
contentType: false,
dataType: "json"
});
按照步骤
项目folder/app/http/kernal.php
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
// \App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
将此行放在评论中
\App\Http\Middleware\VerifyCsrfToken::class,
你可以这样设置X-CSRF-TOKEN。详情请见laravel官方网站
<meta name="csrf-token" content="{{ csrf_token() }}">
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
在您的情况下,您没有正确设置 config/session 中的会话 Cookie 路径。php 到子目录,因为您的项目不在域的根目录中。
所以如果你的 APP_URL 是 http://project.dev/ts/cart-products
那么你在 config/session.php 中的路径应该如下
'path' => '/ts/cart-products'
您忘记添加“/ts”。
我在 Ajax 提交时收到 TokenMismatch 错误 当我提交表单时出现错误。这里我用的是Laravel 5.2。我在 ajax 通话中传递 X-CSRF-TOKEN 的地方。在 default.blade.php 上的元上设置令牌。我已经尝试了 Whosebug.
- 正在更改存储文件夹的权限。
- 已尝试清除缓存。
- 尝试添加
Route::group(['middleware' => ['web','auth']], function () { - 将
token添加到 ajax 函数的 header。 - 尝试在表单中添加
token字段。
任何人都可以从下面的代码中找到任何解决方案。
知道我哪里出错了吗?任何帮助将不胜感激
下面是我的分类 HTML 表格 category.blade.php:
<form method="POST" name="category-add-form" id="category-add-form" action="{{route("category-add")}}" accept-charset="UTF-8">
{{csrf_field()}}
<div class="form-group">
<label for="title">Category Title:</label>
<input class="form-control" name="category_title" type="text" value="" id="category_title">
</div>
<div class="form-group">
<label for="body">Description:</label>
<textarea class="form-control" name="category_description" cols="50" rows="10" id="category_description"></textarea>
</div>
<div class="form-group">
<input class="btn btn-primary form-control" type="submit" value="Add CAtegory">
</div>
</form>
下面是我的 app.js.
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
下面是我的 category-add.js 这是我的 ajax 代码。我没有包括整个功能。
var request;
var $inputs = $("#category-add").find("input, select, button, textarea");
var formData = new FormData($("#category-add")[0]);
request = $.ajax({
url: $("#category-add").attr("action"),
type: "POST",
data: formData,
processData: false,
contentType: false,
dataType: "json",
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
request.done(function (response, textStatus, jqXHR) {
//Notification.init(response.message);
//App.unblockUI('.block-panel-box');
});
request.error(function (response, textStatus, jqXHR) {
//App.unblockUI('.block-panel-box');
});
request.always(function () {
$inputs.prop("disabled", false);
});
下面是我的default.blade.php
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Test Project</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta content="width=device-width, initial-scale=1" name="viewport" />
<meta name="csrf-token" content="{{csrf_token()}}">
<link href="http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/font-awesome.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/simple-line-icons.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/bootstrap.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/components-md.min.css")}}" rel="stylesheet" id="style_components" type="text/css" />
<link href="{{asset("public/css/plugins-md.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/layout.min.css")}}" rel="stylesheet" type="text/css" />
<link href="{{asset("public/css/blue.min.css")}}" rel="stylesheet" type="text/css" id="style_color" />
<link href="{{asset("public/css/responsive.css")}}" rel="stylesheet" type="text/css" />
<link rel="shortcut icon" href="favicon.ico" />
</head>
<body class="page-header-fixed page-sidebar-closed-hide-logo page-container-bg-solid page-sidebar-closed page-md">
@include('user.layout.header')
<div class="clearfix"> </div>
<div class="page-container">
@include('user.layout.sidebar')
<div class="page-content-wrapper">
@yield('content')
</div>
</div>
@include('user.layout.footer')
<div class="quick-nav-overlay"></div>
<script src="{{asset("public/js/jquery.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/bootstrap.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/jquery.slimscroll.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/app.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/category-add.js")}}" type="text/javascript"></script>
</body>
</html>
下面是我的分类路由文件route.php
Route::group(['middleware' => ['web','auth']], function () {
Route::post('/category-add', array("as" => "category-add","uses" => "CategoryController@store"));
});
下面是我的CategoryController.php
class CategoryController extends Controller {
public function store(Request $request) {
$inputs = $request->all();
$category = Category::create($inputs);
if($category){
$responseArray = array("status"=>true,"message"=>"Category successfully created");
} else {
$responseArray = array("status"=>false,"message"=>"Could not add category please try again later");
}
return response()->json($responseArray);
}
}
下面是我的.env文件
APP_ENV=local
APP_DEBUG=true
APP_KEY=base64:ratSluNv930gb3wp1UOabW6Ze3jEJn3ixtTX/wgqYZc=
APP_URL=http://project.dev/ts/cart-products
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=cart-products
DB_USERNAME=hellocart
DB_PASSWORD=j@yshre33r@m
CACHE_DRIVER=file
SESSION_DRIVER=file
QUEUE_DRIVER=sync
下面是我的config/session.php文件
return [
'driver' => env('SESSION_DRIVER', 'file'),
'lifetime' => 120,
'expire_on_close' => false,
'encrypt' => false,
'files' => storage_path('framework/sessions'),
'connection' => null,
'table' => 'sessions',
'lottery' => [2, 100],
'cookie' => 'cart-products',
'path' => '/ts/cart-products', //Change path variable URL form '/cart-products' to '/ts/cart-products'
'domain' => null,
'secure' => false,
'http_only' => true,
];
下面是我的Kernal.php
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
],
'api' => [
'throttle:60,1',
],
];
我认为你应该在要发送的数据中注入“_token”。那样
data : {
'_token' : "{{ csrf_token() }}",
'data' : formData
}
我会尝试删除类别-add.js 中的 "helpers" 条目,然后将 "ajaxSetup" 复制到同一文件中,然后再发送 ajax 请求。
<div class="quick-nav-overlay"></div>
<script src="{{asset("public/js/jquery.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/bootstrap.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/jquery.slimscroll.min.js")}}" type="text/javascript"></script>
<script type="text/javascript">
var _token = "{{ csrf_token() }}";
</script>
<script src="{{asset("public/js/app.min.js")}}" type="text/javascript"></script>
<script src="{{asset("public/js/category-add.js")}}" type="text/javascript"></script>
如您所见,我添加了 var _token = "{{ csrf_token() }}";在你的 js 文件之前,所以你可以在任何实现这个 blade 的 js 文件中重用这个变量,而在 ajax 中你只是这样做:
request = $.ajax({
url: $("#category-add").attr("action"),
type: "POST",
data: {
'_token' : _token,
'data' : formData
},
processData: false,
contentType: false,
dataType: "json"
});
按照步骤
项目folder/app/http/kernal.php
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
// \App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
将此行放在评论中
\App\Http\Middleware\VerifyCsrfToken::class,
你可以这样设置X-CSRF-TOKEN。详情请见laravel官方网站
<meta name="csrf-token" content="{{ csrf_token() }}">
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
在您的情况下,您没有正确设置 config/session 中的会话 Cookie 路径。php 到子目录,因为您的项目不在域的根目录中。
所以如果你的 APP_URL 是 http://project.dev/ts/cart-products
那么你在 config/session.php 中的路径应该如下
'path' => '/ts/cart-products'
您忘记添加“/ts”。