I am having number of pages after user login .I want to disabled browser back button.
I have tried prevent Back Middleware in Laravel for cache clear but when I am using this middleware its prevent me to login again it showing me 419 error.
Can anyone please help me to resolved this.
Related
How can I ensure that as soon as the user is logged-in in Laravel-9 he can no longer go to the login page via browser back button?
I searched the internet for solutions. I have read in several places that it is not possible or that I have to use Javascript.
Just to be sure, I have decided to post my question here and I hope you can help me.
Is there any way to do this? If the solution is with javascript, how can I solve that with javascript?
Thanks
if you open guest Middleware /app/Http/Middleware/RedirectIfAuthenticated.php in your project, you can see the handle function with this condition:
...
if (Auth::guard($guard)->check()) {
return redirect(RouteServiceProvider::HOME);
}
...
It means that after login to the site if users try to go to the login page, the browser redirects the page to the HOME address. So users cannot access the login page after logging into your site.
finally, in your \routes\web.php file, you must apply guest Middleware on your register route in this way:
Route::get('register',[RegisterController::class,'create'])->middleware('guest');
Note: you can edit HOME address from the /app/Providers/RouteServiceProvider.php file.
This page lists several ways you could try to disable the back button via javascript, but none are guaranteed.
By default Laravel 9 has the RedirectIfAuthenticated middleware under App\Http\Middleware which checks if the user is logged in Auth::guard($guard)->check() and if they are they are taken to the /dashboard url otherwise they are not. The Middleware is registered as 'guest' in the $routeMiddleware array inside Kernel.php, this means that you can apply guest middleware to all routes that you do not need be accessed by logged in users.
I'm developing an app in shopify app market
As you know, shopify apps work in iframe. I've no problem in session when i directly use the app in browser without iframe.
The issue is only within iframe.
I'll process oauth for shopify and redirect it to my app url inside the iframe. I'll set required session data if oauth is successfull.
But as soon as the page is redirected to the dashboard page after setting session. The dashboard page doesn't have the session data which i set earlier
In oauth success block, i used this to set session data
$this->session->set_userdata('variable', array('uid' => 15));
In dashboard page, i used this to get session data
print_r($this->session->userdata('variable'));
But here i receive empty nothing else.
I tried many solutions in the web regarding this issue
But their issue is with or without iframe.
I tried lots of solutions, but nothing worked for me
Fyi, CI Version is 3.1.11
PHP Version is 7.1.9 and also tested with 7.4.21
I tried
ini_set('session.id', $params['cookie_name']);
and manually commenting our session_start() and other lines in Session.php files and other stuff
Nothing is fixed this issue
Any help would be greatly appreciated
We've recently deployed a Laravel Application and experienced some weird issues with Some Safari Versions on our application.
When surfing on our applications, especially if the user is not authorized, we sometimes have on Safari the Problem that the XSRF-Token is not present within the Request/Response-Header.
On application Forms, the missing token results in a 419 Page expired issue.
The Problem only appears sometimes in some versions of Safari. Mostly a Reset Cache & Cookies fixes the Problem for 1 or 2 form request.
I did a complete reset of Safari
Allowed Cookie
Allowed Tracking
Disabled Plug-Ins
Technology
We use PHP 8.0 and the latest Laravel release. For the Frontend, there is a vue.js application with inertia.js as a connector. Regarding passing csrf-tokens to the Frontend, there is no further configuration needed to pass down the csrf-token. (Soruce)
I tried to capture the TokenMismatchExpection but no chance only the HTTPException works.
The question I have:
Does anybody experience similar problems? How can I prevent them?
Attached some Laravel Debugbar Screenshots.
left side Safari 14.03 | right side Chrome
Page expired screen
I ran in the same issue. I pinned the problem down to Safari ignoring the 'Set-Cookie' response header if the page was opened via a link from another site. (In my case, it's a link in an email opened in MailHog). If the link is opened in a new tab by hand, the problem is gone.
Due to the missing XSRF-TOKEN cookie, axios doesn't set the X-XSRF-TOKEN header in the requests leading to the 419 from Laravel.
So far I haven't found a feasible solution to inject the X-XSRF-TOKEN header by hand because the the VerifyCsrfToken Middleware expects the token to be an encrypted cookie.
I'm having an issue when deploying. When logging into Laravel Nova it just refreshes the login screen over and over again and seems stuck in a loop. whether you enter the wrong or right credentials makes no difference. There are no error messages and reloads the login page.
All working on localhost, and the wrong credentials error message does show up on local if incorrect details entered. Strange issue just generated a server on Forge + DigitalOcean. I don't see what could be the issue.
It's the post form trying to post to http instead of https... if anyone has that issue hope it helped
I'm using laravel Auth. When I login into my website all works great. When I try to refresh or go to another page (still using Auth middleware) my session is expired, I'm directly logged-out and I must login again. How can I fix this so I remain logged in when refreshing the page or browsing to another?