VerifyCsrfToken 中的 TokenMismatchException - Laravel 5.1
TokenMismatchException in VerifyCsrfToken - Laravel 5.1
我正在使用 Laravel 5.1 构建 REST API,但出现此错误:
TokenMismatchException in VerifyCsrfToken.php line 53:
这是我的 routes.php:
Route::controller('city' , 'CityController' );
城市管理员:
class CityController extends Controller
{
public function postLocalities()
{
$city = Input::get('cityName');
$response = $city;
return $response;
}
}
这是我点击 URL 时出错的 Stacktrace
http://localhost:8000/city/localities?cityName=bangalore 使用 POST 方法。
TokenMismatchException in VerifyCsrfToken.php line 53:
in VerifyCsrfToken.php line 53
at VerifyCsrfToken->handle(object(Request), object(Closure))
at call_user_func_array(array(object(VerifyCsrfToken), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
ShareErrorsFromSession.php line 54
at ShareErrorsFromSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(ShareErrorsFromSession), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
StartSession.php line 62
at StartSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(StartSession), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
AddQueuedCookiesToResponse.php line 37
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure))
at call_user_func_array(array(object(AddQueuedCookiesToResponse), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in EncryptCookies.php line 59
at EncryptCookies->handle(object(Request), object(Closure))
at call_user_func_array(array(object(EncryptCookies), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
CheckForMaintenanceMode.php line 42
at CheckForMaintenanceMode->handle(object(Request), object(Closure))
at call_user_func_array(array(object(CheckForMaintenanceMode), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 103
at Pipeline->then(object(Closure)) in Kernel.php line 122
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 87
at Kernel->handle(object(Request)) in index.php line 54
at require_once('C:\Users\betaworks02\Documents\gharbhezoBackend\public\index.php') in server.php line 21
如果您正在构建 API,最好将 CRSF 中间件放置在每个路由的基础上,而不是将其作为全局中间件放置。要将其作为路由中间件,请转到“/app/Http/Kernel.php”文件。
/**
* The application's global HTTP middleware stack.
*
* @var array
*/
protected $middleware = [
'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
'Illuminate\Cookie\Middleware\EncryptCookies',
'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
'Illuminate\Session\Middleware\StartSession',
'Illuminate\View\Middleware\ShareErrorsFromSession',
//comment out to avoid CSRF Token mismatch error
// 'App\Http\Middleware\VerifyCsrfToken',
];
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => 'App\Http\Middleware\Authenticate',
'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
'guest' => 'App\Http\Middleware\RedirectIfAuthenticated',
'cors' => 'App\Http\Middleware\CorsMiddleware',
'api' => 'App\Http\Middleware\ApiMiddleware',
'csrf' => 'App\Http\Middleware\VerifyCsrfToken'// add it as a middleware route
现在您可以将它放在您需要的路线上,例如
Route::get('someRoute', 数组('uses' => 'HomeController@getSomeRoute', 'middleware' => 'csrf'));
对于您不需要 CSRF 令牌匹配的情况,它现在应该可以正常工作。
您不需要从您的应用中完全覆盖 CFSR 令牌。在您的 App/Http/Midlleware 文件夹中,转到 VerifyCsrfToken.php 并包含您的 API 异常路由,如下所示:
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'api/*',
];
* 显示您 API 内的所有路线。
我遇到了同样的错误,但是由于所有关于覆盖 CSRF 验证的警告,我不想更改这些设置。
我最终发现我在 /config/session.php 中的会话驱动程序默认为 memcached,并且由于我在开发服务器上,所以我需要覆盖 SESSION_DRIVER env 变量'file' 使用 /storage/framework/sessions 中的会话。
/.env
SESSION_DRIVER = file
我正在使用 Laravel 5.1 构建 REST API,但出现此错误:
TokenMismatchException in VerifyCsrfToken.php line 53:
这是我的 routes.php:
Route::controller('city' , 'CityController' );
城市管理员:
class CityController extends Controller
{
public function postLocalities()
{
$city = Input::get('cityName');
$response = $city;
return $response;
}
}
这是我点击 URL 时出错的 Stacktrace http://localhost:8000/city/localities?cityName=bangalore 使用 POST 方法。
TokenMismatchException in VerifyCsrfToken.php line 53:
in VerifyCsrfToken.php line 53
at VerifyCsrfToken->handle(object(Request), object(Closure))
at call_user_func_array(array(object(VerifyCsrfToken), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
ShareErrorsFromSession.php line 54
at ShareErrorsFromSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(ShareErrorsFromSession), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
StartSession.php line 62
at StartSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(StartSession), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
AddQueuedCookiesToResponse.php line 37
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure))
at call_user_func_array(array(object(AddQueuedCookiesToResponse), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in EncryptCookies.php line 59
at EncryptCookies->handle(object(Request), object(Closure))
at call_user_func_array(array(object(EncryptCookies), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
CheckForMaintenanceMode.php line 42
at CheckForMaintenanceMode->handle(object(Request), object(Closure))
at call_user_func_array(array(object(CheckForMaintenanceMode), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 103
at Pipeline->then(object(Closure)) in Kernel.php line 122
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 87
at Kernel->handle(object(Request)) in index.php line 54
at require_once('C:\Users\betaworks02\Documents\gharbhezoBackend\public\index.php') in server.php line 21
如果您正在构建 API,最好将 CRSF 中间件放置在每个路由的基础上,而不是将其作为全局中间件放置。要将其作为路由中间件,请转到“/app/Http/Kernel.php”文件。
/**
* The application's global HTTP middleware stack.
*
* @var array
*/
protected $middleware = [
'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
'Illuminate\Cookie\Middleware\EncryptCookies',
'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
'Illuminate\Session\Middleware\StartSession',
'Illuminate\View\Middleware\ShareErrorsFromSession',
//comment out to avoid CSRF Token mismatch error
// 'App\Http\Middleware\VerifyCsrfToken',
];
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => 'App\Http\Middleware\Authenticate',
'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
'guest' => 'App\Http\Middleware\RedirectIfAuthenticated',
'cors' => 'App\Http\Middleware\CorsMiddleware',
'api' => 'App\Http\Middleware\ApiMiddleware',
'csrf' => 'App\Http\Middleware\VerifyCsrfToken'// add it as a middleware route
现在您可以将它放在您需要的路线上,例如
Route::get('someRoute', 数组('uses' => 'HomeController@getSomeRoute', 'middleware' => 'csrf'));
对于您不需要 CSRF 令牌匹配的情况,它现在应该可以正常工作。
您不需要从您的应用中完全覆盖 CFSR 令牌。在您的 App/Http/Midlleware 文件夹中,转到 VerifyCsrfToken.php 并包含您的 API 异常路由,如下所示:
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'api/*',
];
* 显示您 API 内的所有路线。
我遇到了同样的错误,但是由于所有关于覆盖 CSRF 验证的警告,我不想更改这些设置。
我最终发现我在 /config/session.php 中的会话驱动程序默认为 memcached,并且由于我在开发服务器上,所以我需要覆盖 SESSION_DRIVER env 变量'file' 使用 /storage/framework/sessions 中的会话。
/.env
SESSION_DRIVER = file