令牌不匹配execption - laravel權威性

Question

我有以下途徑

Route::controller('users', 'UsersController'); 

控制器

class UsersController extends BaseController { 
    protected $layout = "layouts.login"; 

    public function __construct() { 
     $this->beforeFilter('csrf', array('on'=>'post')); 
     $this->beforeFilter('auth', array('only'=>array('getDashboard'))); 
    } 


    public function getRegister() { 
    $this->layout->content = View::make('users.register'); 
    } 


    public function logout() { 
     Auth::logout(); 
     return Redirect::to('users/login') 
     ->with('message', 'Good Bye') 
     ->withInput(); 
    } 

    public function getLogin() { 
     $this->layout->content = View::make('users.login'); 
    } 

    public function postSignin() { 
     if (Auth::attempt(array('email'=>Input::get('email'), 'password'=>Input::get('password'),'role'=>'admin'))) { 
    return Redirect::to('mix/dashboard')->with('message', 'You are now logged in!'); 
    } 
    else { 
    return Redirect::to('users/login') 
     ->with('message', 'Your username/password combination was incorrect') 
     ->withInput(); 
}   
    } 

    public function postCreate() { 
     $validator = Validator::make(Input::all(), User::$rules); 

     if ($validator->passes()) { 
      // validation has passed, save user in DB 
      $user = new User; 
      $user->firstname = Input::get('firstname'); 
      $user->lastname = Input::get('lastname'); 
      $user->email = Input::get('email'); 
      $user->password = Hash::make(Input::get('password')); 
      $user->save(); 

      return Redirect::to('users/login')->with('message', 'Thanks for registering!'); 

     } else { 
      // validation has failed, display error messages  
      return Redirect::to('users/register')->with('message', 'The following errors occurred')->withErrors($validator)->withInput(); 

     } 
    } 


} 

視圖

<div class="login-body"> 
<h2>SIGN IN</h2> 
<form method="post" action="{{Request::root()}}/users/Signin"> 


    <div class="control-group"> 
     <div class="email controls"> 
     {{ Form::text('email', null, array('class'=>'input-block-level', 'placeholder'=>'Email Address', 'data-rule-required'=>'true' ,'data-rule-email'=>'true')) }} 
     </div> 
    </div> 
    <div class="control-group"> 
     <div class="pw controls"> 
      {{ Form::password('password', array('class'=>'input-block-level', 'placeholder'=>'Password','data-rule-required'=>'true')) }} 
      <input type="hidden" name="_token" value="<?php echo csrf_token(); ?>"> 
     </div> 
    </div> 
    <div class="submit"> 
    <div class="remember"> 
     <input type="checkbox" name="remember" class='icheck-me' data-skin="square" data-color="blue" id="remember"> <label for="remember">Remember me</label> 
    </div> 
    {{ Form::submit('Login', array('class'=>'btn btn-primary'))}} 

{{ Form::close() }} 

<div class="forget"> 
       <a href="#"><span>Forgot password?</span></a> 
      </div> 
     </div> 

每當我嘗試登錄它顯示tokenmismatch異常錯誤和表演接下來是filter.php

Route::filter('csrf', function() 
{ 
    if (Session::token() != Input::get('_token')) 
    { 
     throw new Illuminate\Session\TokenMismatchException; 
    } 
}); 

我一直毫無頭緒過去三天......

糟糕的是，這個錯誤會自動來了，這是工作的罰款早些時候..我沒有做在所有的任何變化！

Answer 1

您可能會在/users/Signin路線中添加crsf過濾器。您有以下幾種選擇：

首先，您可以從路線中刪除crsf過濾器。

其次，你應該在csrf令牌添加到您的形式輸入（<form ...>行之後）

{{ Form::token(); }} 

或者您可以使用Form宏更改Form聲明與還包括CSRF令牌。

{{ Form::open(array('url' => 'users/Signin')); }} 

我希望它可以幫助你。

Answer 2

避免在您的GET路線上擁有csrf路線，因爲它們沒有令牌並且會拋出TokenMismatchException。隨着中說，你可以看一下這個代碼片段，你可以在你的控制器中添加，以避免這些異常： `類UserController的擴展BaseController {

/** 
* Instantiate a new UserController instance. 
*/ 
public function __construct() 
{ 
    $this->beforeFilter('auth', array('except' => 'getLogin')); 

    $this->beforeFilter('csrf', array('on' => 'post')); 

    $this->afterFilter('log', array('only' => 
         array('fooAction', 'barAction'))); 
} 

} `

正如你所看到的CSRF過濾器只有被應用於POST方法，並且auth只應用於getLogin控制器方法。

Answer 3

這是客戶端的問題

我剛剛刪除cookie，然後它開始工作。