Search code examples

TokenMismatchException in VerifyCsrfToken.php line 53 in Laravel 5.1

When I try to login show me token error. I have checked token in view form it's right and when comment \App\Http\Middleware\VerifyCsrfToken::class, in the Kernel.php it makes me login but after Redirect to my dashboard I'm not logged in. I am using MAMP on mac.

        {!! Form::open(['url'=>'user/login','class' => '']) !!}
        <input type="hidden" name="_token" value="{{ csrf_token() }}">
          <li><label>Customer Code</label>{!!Form::Text('customer_code',Input::old('customer_code'),['class'=>''])!!}</li>
          <li>{!! Form::submit('Submit',array('class' => 'btn')) !!}</li>
    <div><a href="{!!URL::to('user/forget_password')!!}">Forget Password</a></div>

Meanwhile I use Sentry Package for login.

     * post_login
    public function post_login()
            $rules  = [ 
                    'customer_code'         => 'required',
                    'password'              => 'required',
                ] ;                    
            $message = [ 
                    'customer_code.required'             => 'erorrr1',
                    'password.required'                =>'error2'    
            $validator = Validator::make(Input::all(), $rules,$message);
            if ($validator->fails())
                return Redirect::back()->withErrors($validator)->withInput();        
            } // if ($validator->fails())
            $authUser = Sentry::authenticateAndRemember(array(
                                      'customer_code'    => Input::get('customer_code'),
                                      'password' => Input::get('password')), false);

                                //$login = Sentry::loginAndRemember($authUser);
                                 return Redirect::to('user/panel/'.$authUser->id)->with('comment', 'Welcome');
                             return Redirect::back()->with('comment', 'Error for login');
         catch(\Exception $e)
             return Redirect::back()->withInput(Input::except('password','file'))->withErrors(['ERROR!!!!!']);


  • Edited:

    Since you are using Form builder remove this from your form. Laravel form builder automatically adds a hidden token field to your form when you do Form::open()

    So remove this line:

     <input type="hidden" name="_token" value="{{ csrf_token() }}">