Token mismatch exception - laravel auth

Time: 2014-07-09 08:06:31

Tags: php authentication laravel laravel-4 csrf

I have the following route

Route::controller('users', 'UsersController');

Controller

class UsersController extends BaseController {
    protected $layout = "layouts.login";

    public function __construct() {
        $this->beforeFilter('csrf', array('on'=>'post'));
        $this->beforeFilter('auth', array('only'=>array('getDashboard')));
    }


    public function getRegister() {
        $this->layout->content = View::make('users.register');
    }


    public function logout() {
        Auth::logout();
        return Redirect::to('users/login')
        ->with('message', 'Good Bye')
        ->withInput();
    }

    public function getLogin() {
        $this->layout->content = View::make('users.login');
    }

    public function postSignin() {
        if (Auth::attempt(array('email'=>Input::get('email'), 'password'=>Input::get('password'),'role'=>'admin'))) {
            return Redirect::to('mix/dashboard')->with('message', 'You are now logged in!');
        }
        else {
            return Redirect::to('users/login')
                ->with('message', 'Your username/password combination was incorrect')
                ->withInput();
        }
    }

    public function postCreate() {
        $validator = Validator::make(Input::all(), User::$rules);

        if ($validator->passes()) {
            // validation has passed, save user in DB
            $user = new User;
            $user->firstname = Input::get('firstname');
            $user->lastname = Input::get('lastname');
            $user->email = Input::get('email');
            $user->password = Hash::make(Input::get('password'));
            $user->save();

            return Redirect::to('users/login')->with('message', 'Thanks for registering!');

        } else {
            // validation has failed, display error messages    
            return Redirect::to('users/register')->with('message', 'The following errors occurred')->withErrors($validator)->withInput();

        }
    }


}

View

<div class="login-body">
<h2>SIGN IN</h2>
<form method="post" action="{{Request::root()}}/users/Signin">


    <div class="control-group">
        <div class="email controls">
        {{ Form::text('email', null, array('class'=>'input-block-level', 'placeholder'=>'Email Address', 'data-rule-required'=>'true' ,'data-rule-email'=>'true')) }}
        </div>
    </div>  
    <div class="control-group">
        <div class="pw controls">
            {{ Form::password('password', array('class'=>'input-block-level', 'placeholder'=>'Password','data-rule-required'=>'true')) }}
            <input type="hidden" name="_token" value="<?php echo csrf_token(); ?>">
        </div>
    </div>
   <div class="submit">
    <div class="remember">
        <input type="checkbox" name="remember" class='icheck-me' data-skin="square" data-color="blue" id="remember"> <label for="remember">Remember me</label>
    </div>
    {{ Form::submit('Login', array('class'=>'btn btn-primary'))}}

{{ Form::close() }}

<div class="forget">
                <a href="#"><span>Forgot password?</span></a>
            </div>
        </div>

Whenever I try to log in, it shows a TokenMismatchException error and points to the following lines of filter.php

Route::filter('csrf', function()
{
    if (Session::token() != Input::get('_token'))
    {
        throw new Illuminate\Session\TokenMismatchException;
    }
});

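I have been clueless for the past three days...

Worst of all, this error appeared on its own; it was working fine before. I did not make any changes at all!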

3 Answers:

Answer 0: (score: 1)

This was a client-side problem.

I just deleted the cookies and then it started working.

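Answer 1: (score: 0)

You may have added the csrf filter to the /users/Signin route. You have a few options:

First, you can remove the csrf filter from the route.

Second, you should add the csrf token to your form inputs (after the <form ...> line)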

{{ Form::token(); }} 

Or you can change the form declaration to use the Form macro, which also includes the csrf token.

{{ Form::open(array('url' => 'users/Signin' ) ); }}

I hope this helps you.

Answer 2: (score: 0)

Avoid using GET on csrf routes, because they don't have a token and will throw TokenMismatchException. That said, you can take a look at this code, which you can add to your controller to avoid these exceptions:

class UserController extends BaseController {

    /**
     * Instantiate a new UserController instance.
     */
    public function __construct()
    {
        $this->beforeFilter('auth', array('except' => 'getLogin'));

        $this->beforeFilter('csrf', array('on' => 'post'));

        $this->afterFilter('log', array('only' =>
                            array('fooAction', 'barAction')));
    }

}

As you can see, the CSRF filter is applied only to the POST method, and auth is applied only to the getLogin controller method.
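
Added example, not part of the question or of any answer above: a framework-free model of the session-bound check that the `csrf` filter in the question performs, showing the three outcomes discussed in this thread (token matches, `_token` missing from the POST, and a form token issued under a session the browser's cookie no longer maps to). The function names and the plain-array "session" are hypothetical stand-ins for Laravel's session store; it assumes PHP 7+ for `random_bytes()` and uses `hash_equals()` where the filter uses `!=`.

```php
<?php
// Added example; issueToken() and tokenMatches() are hypothetical helpers,
// and the arrays below are constructed stand-ins for server-side sessions.

/** Store a fresh random token in the given session and return it. */
function issueToken(array &$session)
{
    $session['_token'] = bin2hex(random_bytes(20));
    return $session['_token'];
}

/** True only if the submitted _token is a string equal to the session's token. */
function tokenMatches(array $session, array $input)
{
    $expected  = isset($session['_token']) ? $session['_token'] : null;
    $submitted = isset($input['_token']) ? $input['_token'] : null;

    // Reject a missing field or a non-string value (e.g. _token[]=x)
    // before comparing, so the comparison never sees mixed types.
    if (!is_string($expected) || !is_string($submitted)) {
        return false;
    }
    // Constant-time comparison of the two strings.
    return hash_equals($expected, $submitted);
}

function report($label, $ok)
{
    printf("%-45s %s\n", $label, $ok ? 'accepted' : 'TokenMismatchException');
}

// Case 1: the login form is rendered and posted within the same session.
$sessionA  = array();
$formToken = issueToken($sessionA);
report('same session, token in form', tokenMatches($sessionA, array('_token' => $formToken)));

// Case 2: the POST body has no _token field at all.
report('same session, no _token field', tokenMatches($sessionA, array('email' => 'a@example.com')));

// Case 3: the form was rendered under session A, but the request arrives
// under a different session B (the cookie no longer identifies session A).
$sessionB = array();
issueToken($sessionB);
report('token from another session', tokenMatches($sessionB, array('_token' => $formToken)));
```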