Laravel TokenMismatchException数据库会话 [英] Laravel TokenMismatchException database session
问题描述
当从文件切换到数据库会话时,My $ request-> input(_token)与$ request-> session() - > toke()不匹配。 >这导致CSRF TokenMismatchException。从数据库切换回文件sessons驱动程序不会发生不匹配。
有谁知道为什么我得到这种不匹配,并可能如何解决它? :) 使用Laravel 5.0 php artisan session:table:创建Laravel会话表 VerifyCsrfToken Illuminate \Foundation\Middleware 在切换到数据库sesseio驱动程序后,数据库表中会填入数据: 我生成的HTML csrf_tokens 如果您使用Laravel 5.4 *绊倒这个问题,这是你需要做的事情 请注意您在下一步需要的DB_CONNECTION设置。 2- update config / session.php文件 4-如果由于某种原因您决定创建表,而不使用迁移,使用此SQL。这是非常重要的一步,错误的表格会导致各种问题。
我做了什么: b
$ b
PHP 5.6.30 b
$ b
composer dump-autoload
php artisan config:clear $ b $我的session.php配置如下所示:
$ b
return [
'driver'=> 'database',
'lifetime'=> 120,
'expire_on_close'=>假,
'encrypt'=>假,
'文件'=> storage_path()。'/ framework / sessions',
'connection'=> null,
'table'=> 'laravel_session',
'lottery'=> [2,100],
'cookie'=> 'laravel_session',
'path'=> '/',
'domain'=> null,
'secure'=>假,
];
protected function tokensMatch($ request)
{
$ tok = $ request-> input('_ token'); // 4ExGXl9mRM75d7brfQhgIWcQzsSVjnUHDoDcKJxp
$ tokhead = $ request-> header('X-CSRF-TOKEN');
$ sessToken = $ request-> session() - > token(); // 57DLb3uTs8brVPKpBxor14Hg0ZvQPpYW3flktP86
$ token = $ request-> input('_ token')?:$请求 - >报头( 'X-CSRF-TOKEN');
$ b $ if(!$ token&& $ header = $ request-> header('X-XSRF-TOKEN'))
{
$ token = $ this - > encrypter->解密($头);
return StringUtils :: equals($ request-> session() - > token(),$ token);
SELECT id,payload,last_activity,user_id FROM kartserver_2.laravel_session;
d33d5782e1eed56771baa56f9410a24b9e628ff6 YToxNzp7czo2OiJfdG9rZW4iO3M6NDA6Ikh6dUc4WG1PUDFZalRHY0QwcW5QZzlFSGRUSkJ3ZmVOUkVjM0RJVk0iO3M6NToiZmxhc2giO2E6Mjp7czozOiJvbGQiO2E6MDp7fXM6MzoibmV3IjthOjA6e319czoyMDoicGFzc3dvcmRSZXF1aXJlbWVudHMiO086NDE6Ikhhd2tTb2Z0d2FyZVxTZWN1cml0eVxQYXNzd29yZFJlcXVpcmVtZW ... 1487315670 1862
< input type =hiddenname =_ tokenid =_ tokenvalue ={!! csrf_token )!!}>
1-更新您的.env文件
<$ p $在您的项目根目录下,您可以使用以下命令:#file = .env
$ b DB_CONNECTION = mysql
DB_HOST = 127.0.0.1
DB_PORT = 3306
DB_DATABASE = testdb
DB_USERNAME = db_user
DB_PASSWORD = secret_pass
$ b SESSION_DRIVER =数据库
连接参数应该在哪里在.env文件中保存用于DB_CONNECTION的字符串
#file = config / session.php
'driver'=> env('SESSION_DRIVER','数据库'),
'连接'=> 'mysql',//这是从.env文件中的DB_CONNECTION
<3-> 3-生成会话表
php artisan session:table
//运行迁移!!!非常非常重要
php artisan migrate
主要不会出现像以往一样手动创建表作为bigint的错误,会话表不同。
会话表的SQL如果要手动创建,则运行
DROP TABLE IF EXISTS`sessions`;
创建表会话
(
id varchar(255)不为null,
user_id int(10)unsigned null,
ip_address varchar(45)null,
user_agent text null,
有效载荷文本不为空,
last_activity int不为空,
约束sessions_id_unique
unique(id)
)
$ c
$ b 在将db设置为会话保存路径之后,应该解决令牌不匹配异常。
My $request->input(_token) is a mismatch of $request->session()->toke() when switching from file to database sessions.
This is causing a CSRF TokenMismatchException. When switching back from database to file sessons driver the mismatch does not occur.
Does anyone know why i get this mismatch and possibly how to resolve it? :)
What i have done:
Using Laravel 5.0
PHP 5.6.30
php artisan session:table : Created Laravel session table
composer dump-autoload
php artisan config:clear
php arisan config:cache
My session.php config looks like this:
return [
'driver' => 'database',
'lifetime' => 120,
'expire_on_close' => false,
'encrypt' => false,
'files' => storage_path().'/framework/sessions',
'connection' => null,
'table' => 'laravel_session',
'lottery' => [2, 100],
'cookie' => 'laravel_session',
'path' => '/',
'domain' => null,
'secure' => false,
];
VerifyCsrfToken Illuminate\Foundation\Middleware
protected function tokensMatch($request)
{
$tok = $request->input('_token') ; //4ExGXl9mRM75d7brfQhgIWcQzsSVjnUHDoDcKJxp
$tokhead = $request->header('X-CSRF-TOKEN');
$sessToken = $request->session()->token();//57DLb3uTs8brVPKpBxor14Hg0ZvQPpYW3flktP86
$token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');
if ( ! $token && $header = $request->header('X-XSRF-TOKEN'))
{
$token = $this->encrypter->decrypt($header);
}
return StringUtils::equals($request->session()->token(), $token);
Database table is populated with data after switching to database sesseio driver:
SELECT id, payload, last_activity, user_id FROM kartserver_2.laravel_session;
d33d5782e1eed56771baa56f9410a24b9e628ff6 YToxNzp7czo2OiJfdG9rZW4iO3M6NDA6Ikh6dUc4WG1PUDFZalRHY0QwcW5QZzlFSGRUSkJ3ZmVOUkVjM0RJVk0iO3M6NToiZmxhc2giO2E6Mjp7czozOiJvbGQiO2E6MDp7fXM6MzoibmV3IjthOjA6e319czoyMDoicGFzc3dvcmRSZXF1aXJlbWVudHMiO086NDE6Ikhhd2tTb2Z0d2FyZVxTZWN1cml0eVxQYXNzd29yZFJlcXVpcmVtZW... 1487315670 1862
I am generating csrf_tokens in html
<input type="hidden" name="_token" id="_token" value="{!! csrf_token() !!}">
解决方案 If you are using Laravel 5.4* and you happen to stumble upon this problem, here is what you need to do
1- Update your .env file
# file = .env in your project root
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=testdb
DB_USERNAME=db_user
DB_PASSWORD=secret_pass
SESSION_DRIVER=database
Note the DB_CONNECTION setting here that you will need in next step.
2- update config/session.php file
Where connection param should hold the string you used for DB_CONNECTION in .env file
# file = config/session.php
'driver' => env('SESSION_DRIVER', 'database'),
'connection' => 'mysql', // this is from DB_CONNECTION in .env file
3- generate sessions table
php artisan session:table
// run the migration !!! very very important
php artisan migrate
4- if for some reason you decided to create the table manually without using migration , use this SQL. This is very important step, a wrong table will result in all kinds of problems.
Primarily do not make the mistake of creating a table manually with id column as bigint as usual, session table is different.
SQL for sessions table that you should run if you wanna create manually
DROP TABLE IF EXISTS `sessions`;
create table sessions
(
id varchar(255) not null,
user_id int(10) unsigned null,
ip_address varchar(45) null,
user_agent text null,
payload text not null,
last_activity int not null,
constraint sessions_id_unique
unique (id)
)
That should solve the token mismatch exception after setting db as session save path.
这篇关于Laravel TokenMismatchException数据库会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!