1. 首頁
  2. 問答
  3. Laravel 5.4谷歌雲TokenMismatchException

Laravel 5.4谷歌雲TokenMismatchException

2017-07-16 74 views
1

任何部署Laravel 5.4在谷歌雲?Laravel 5.4谷歌雲TokenMismatchException

我需要幫助,我不斷收到TokenMismatch例外 - VerifyCsrfToken.php線68不論加入{{ Session::token() }}{{ csrf_token() }}的。

經過調試,我發現在頁面刷新一個新的頁面加載token不斷變化+ 會話被刪除。 因此,我已經添加了Post deploy scripts

"post-deploy-cmd": [ 
"chmod -R 777 storage", 
"chmod -R 777 bootstrap\/cache", 
"php artisan cache:clear", 
"php artisan key:generate" 
]

這裏的session.php文件

<?php 

return [ 

/* 
|-------------------------------------------------------------------------- 
| Default Session Driver 
|-------------------------------------------------------------------------- 
| 
| This option controls the default session "driver" that will be used on 
| requests. By default, we will use the lightweight native driver but 
| you may specify any of the other wonderful drivers provided here. 
| 
| Supported: "file", "cookie", "database", "apc", 
|   "memcached", "redis", "array" 
| 
*/ 

'driver' => env('SESSION_DRIVER', 'file'), 

/* 
|-------------------------------------------------------------------------- 
| Session Lifetime 
|-------------------------------------------------------------------------- 
| 
| Here you may specify the number of minutes that you wish the session 
| to be allowed to remain idle before it expires. If you want them 
| to immediately expire on the browser closing, set that option. 
| 
*/ 

'lifetime' => 120, 

'expire_on_close' => false, 

/* 
|-------------------------------------------------------------------------- 
| Session Encryption 
|-------------------------------------------------------------------------- 
| 
| This option allows you to easily specify that all of your session data 
| should be encrypted before it is stored. All encryption will be run 
| automatically by Laravel and you can use the Session like normal. 
| 
*/ 

'encrypt' => false, 

/* 
|-------------------------------------------------------------------------- 
| Session File Location 
|-------------------------------------------------------------------------- 
| 
| When using the native session driver, we need a location where session 
| files may be stored. A default has been set for you but a different 
| location may be specified. This is only needed for file sessions. 
| 
*/ 

'files' => storage_path('framework/sessions'), 

/* 
|-------------------------------------------------------------------------- 
| Session Database Connection 
|-------------------------------------------------------------------------- 
| 
| When using the "database" or "redis" session drivers, you may specify a 
| connection that should be used to manage these sessions. This should 
| correspond to a connection in your database configuration options. 
| 
*/ 

'connection' => null, 

/* 
|-------------------------------------------------------------------------- 
| Session Database Table 
|-------------------------------------------------------------------------- 
| 
| When using the "database" session driver, you may specify the table we 
| should use to manage the sessions. Of course, a sensible default is 
| provided for you; however, you are free to change this as needed. 
| 
*/ 

'table' => 'sessions', 

/* 
|-------------------------------------------------------------------------- 
| Session Cache Store 
|-------------------------------------------------------------------------- 
| 
| When using the "apc" or "memcached" session drivers, you may specify a 
| cache store that should be used for these sessions. This value must 
| correspond with one of the application's configured cache stores. 
| 
*/ 

'store' => null, 

/* 
|-------------------------------------------------------------------------- 
| Session Sweeping Lottery 
|-------------------------------------------------------------------------- 
| 
| Some session drivers must manually sweep their storage location to get 
| rid of old sessions from storage. Here are the chances that it will 
| happen on a given request. By default, the odds are 2 out of 100. 
| 
*/ 

'lottery' => [2, 100], 

/* 
|-------------------------------------------------------------------------- 
| Session Cookie Name 
|-------------------------------------------------------------------------- 
| 
| Here you may change the name of the cookie used to identify a session 
| instance by ID. The name specified here will get used every time a 
| new session cookie is created by the framework for every driver. 
| 
*/ 

'cookie' => 'laravel_session', 

/* 
|-------------------------------------------------------------------------- 
| Session Cookie Path 
|-------------------------------------------------------------------------- 
| 
| The session cookie path determines the path for which the cookie will 
| be regarded as available. Typically, this will be the root path of 
| your application but you are free to change this when necessary. 
| 
*/ 

'path' => '/', 

/* 
|-------------------------------------------------------------------------- 
| Session Cookie Domain 
|-------------------------------------------------------------------------- 
| 
| Here you may change the domain of the cookie used to identify a session 
| in your application. This will determine which domains the cookie is 
| available to in your application. A sensible default has been set. 
| 
*/ 

'domain' => env('SESSION_DOMAIN', null), 

/* 
|-------------------------------------------------------------------------- 
| HTTPS Only Cookies 
|-------------------------------------------------------------------------- 
| 
| By setting this option to true, session cookies will only be sent back 
| to the server if the browser has a HTTPS connection. This will keep 
| the cookie from being sent to you if it can not be done securely. 
| 
*/ 

'secure' => env('SESSION_SECURE_COOKIE', false), 

/* 
|-------------------------------------------------------------------------- 
| HTTP Access Only 
|-------------------------------------------------------------------------- 
| 
| Setting this value to true will prevent JavaScript from accessing the 
| value of the cookie and the cookie will only be accessible through 
| the HTTP protocol. You are free to modify this option if needed. 
| 
*/ 

'http_only' => true, 

];

試過所有可用的選項,但它沒有幫助。

TIA enter image description here enter image description here

編輯1加AJAX調用]

HTML

<meta name="csrf-token" content="{{ csrf_token() }}" />

AJAX

 submitButton: '#seller_contact button[type="submit"]', 
    submitHandler: function (validator, form, submitButton) { 

     $.ajax({ 
      type: 'POST', 
      headers: { 
       'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content') 
      }, 
      url: '...', 
      data: $(form).serialize(), 
      error: function (xhr, ajaxOptions, thrownError) { 
       alert(xhr.status); 
       alert(xhr.message); 
       alert(xhr.messages); 
       console.log(xhr); 
       alert(thrownError); 
      }, 
      success: function (result) { 
       $("#premium-contact-form").html(result); 
      } 
     }); 
     return false; 
    },

來源

2017-07-16 silverFoxA

+0

只是出於興趣 - 你試用該Cookie會話的驅動程序? –

+0

@AaronFahey對不起,我沒有意識到這一點,你可以請描述更多? – silverFoxA

+1

試着改變你的''.env'部分SESSION_DRIVER'並設置它等於'cookie' - 我只是興趣看看這個得到「周圍」的問題。這基本上將會話存儲在加密的cookie中,而不是在文件系統中。 –

回答

0

嘗試使用cookie的會話驅動程序,通過在.ENV文件改變SESSION_DRIVER部分cookie。這會將每個用戶的會話存儲在加密的cookie中,而不是在文件系統中。

來源

2017-07-16 07:49:45

+0

以上內容與https://stackoverflow.com/a/42769727解決方案解決了我的問題。不要爲什麼'file'' SESSION_DRIVER'沒有工作 – silverFoxA

0

嘗試發送_token我場請求;

let token = $('input[type=hidden]').val(); 
$.post('/...', {_token: token, ...}) 
    .done(function (result) { 
     $("#premium-contact-form").html(result); 
    }) 
    .error(function (xhr, ajaxOptions, thrownError) { 
     alert(xhr.status); 
     alert(xhr.message); 
     alert(xhr.messages); 
     console.log(xhr); 
     alert(thrownError); 
    });

來源

2017-07-16 06:56:05

+0

的'token'值正在通過'數據傳遞: $(表單).serialize()'表單序列化 – silverFoxA

相關問題

 相關問題