I have seen many posts very similar question and they talk about redirecting to login page when of course you are logged in and a session times out.
My problem is the Login page itself which is using auth:guest middle-ware.
If I am on Login page... for 120mins and session times out and now I enter credentials and click submit button I get TokenMismatchException error.
I want to refresh login page when session has expired such that it has a new csrf token.
Thanks,
K
Add following to the app/Exception/Handler
use Illuminate\Session\TokenMismatchException;
and to render method
if ($e instanceof TokenMismatchException) {
if ( !$request->ajax() ) {
return redirect()->back()->withInput();
}
}
Related
i am working on PTC script where i am facing problem.when i view third page or second page ads then after confirming ad it will automatically redirect back to ads page but i want to redirect it back to the current page(for example if i view second page ad then after confirm it has to redirect to second page)
Here's the code.
UserAdvert Controller.php
session()->flash('message', 'This Ads Has Been Successfully Viewed.');
Session::flash('type', 'success');
Session::flash('title', 'Earn Successful');
return redirect()->route('userCash.links');
}
public function cashLinkShow($id)
{
$advert= Advert::findOrFail($id);
return view('user.viewads.showads', compact('advert'));
}
Route.php
Route::get('user/cash/links', 'UserAdvertsController#cashLinks')->name('userCash.links');
Route::get('user/cash/link/show/{id}', 'UserAdvertsController#cashLinkShow')->name('userCashLinks.show');
Route::get('user/cash/link/confirm/{id}', 'UserAdvertsController#cashLinkConfirm')->name('userCashLink.confirm');
Route::get('user/cash/links?page=links', 'UserAdvertsController#cashLinkPage')->name('userCash.links.page');
Site is redirecting to this address after viewing ads
Route::get('user/cash/links', 'UserAdvertsController#cashLinks')->name('userCash.links');
but i want to redirect back to the current page from where ad is view i created route for this
Route::get('user/cash/links?page', 'UserAdvertsController#cashLinkPage')->name('userCash.links.page');
but i don't know how to get parameter of paginated page.. kindly help me to resolve this issue.I am beginner in laravel thanks
You should try this:
use Redirect;
return Redirect::to('/user/cash/links');
i am using laravel 4 in my admin section its working fine in normal condition but when session is timeout and i refresh the page than its not redirect properly my admin login path is
localhost/project_name/public/admin/login
and when i logout its redirect properly but when automatic session out than its not go to to admin/login its redirect to the followin path
localhost/admin/login
so can any body tell me the solution for this
#Deepak Goyal,
define a before filter to check that in routes.php, something like:
Route::group(["before" => "auth"], function ()
{
//rest of the authenticated routes goes here
}
And in the filters.php
Route::filter("auth", function()
{
if (Auth::guest()) return Redirect::guest("admin/login");
});
I can successfully login with yam.platform.login but when I call
yam.getLoginStatus(
function (response) {
if (response.authResponse) {
yam.platform.logout(function (response) {
if (response) {
alert("logout success");
}
})
}
}
);
the inner callback function is never reached. Do people know what is happening?
EDIT: another strange behavior that could be related to the problem: after the above logout function call, the login status is still "connected" and I checked in Chrome that all cookies from yammer.com are deleted. But when I manually ask Chrome to delete the cookies, login status would return "unconnected".
Response from yam.platform.logout seems "false" after successful logout so you might try "if(response == false)" or even without if statement..
I was also facing the same issue. It is hard to believe that the issue still exists in 2018! I dug a bit more and found that after the app is authorized by user, Yammer server sends a cookie which gets stored in the browser somewhere (not tied to the session) and yam.platform.logout is unable to delete this cookie (Ideally it should!)
But I found a good workaround which is working neatly for me.
Below is JS in my login page:
$("#yammer-login").click(function(){
console.log("clicked");
yam.getLoginStatus(
function(resp) {
yam.platform.login(function (response) { //prompt user to login and authorize your app, as necessary
if (response.authResponse) {
console.dir(response); //print user information to the console
alert("login success");
}
$.ajax({
type:"POST",
url:"/setSession",
data:JSON.stringify(response,null,'\t'),
contentType:"application/json;charset=UTF-8",
success: function(result){
alert("Result from setSession is: "+result);
window.location.replace("/login");
}});
});
}
);
});
Here #yammer-login is the id for login element
<h2 class="sign-in">
<center>
Sign-in With Yammer
<br><br>
<span id="yammer-login">Click</span>
</center>
</h2>
Here is my workflow:
The JS on login page sends a POST request to setSession and sets the session. The execution of window.location.replace("/login"); sends a GET request to my server for /login url. As the session is now set, my server then redirects this request to the dashboard. After I click on logout button on the dashboard. I clear all the session cookies and redirect it back to the login page. As the session is now un-set- I see the login page again! All works smooth!
So, the next time user clicks on #yammer-login DOM element - the session gets set and she gets redirected to dashboard (this time without authorizing the app)!
Hope this helps someone who faces this issue like me in the future!
view has this anchor:
echo anchor('login', 'Login or Register');
how do i send the current url to my controller login? and then use it on another function called login_validation?
all i want is, login and back to the last url, however nothing works. so i thought saving the current url when i click "Login or Register" and then after login, on function login_validation, i should redirect to that url saved...
controller index
public function index(){
$this->main_login();
}
main_login
public function main_login(){
$this->load->helper('url');
// on view i will call the next function login_validation
$this->load->view("view_login");
}
login_validation
public function login_validation(){
$this->load->library('form_validation');
(...)
if ($this->form_validation->run()){
// i should redirect the saved url here, instead of home
redirect('home');
}else{
(...)
}
}
i appreciate any help
You can do this simply by using $this->agent->referrer() in your controller class main_login().
Save the referrer url into your session, and once the user is validated (or if they are), then you pull that string from session:
in main_login():
// grabs url where you clicked login
$this->session->set_userdata('referrer_url', $this->agent->referrer());
in login_validation():
// pull url from session and redirect, make sure to account for not having url too
redirect( $referrer_url );
I apologize for the delay, i was really busy with the end of the semester,
So i will explain how i did to solve this problem, all i wanted was back to the current page after the login.. so, everytime i open my view login i will save the last page url, with this code:
$refering_url = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '' ;
and then i should save it in my session, so i can access from my controller and redirect the user to the last page, but look, i can’t simple save the url every time i access the view login, beucase every time i miss the password, i will be redirected to the login page, and so the last url, will the login and not the last one, and of course its wrong, So we have to save it on session, but only in the first time we access the view login, to do that, i compare the variable above ($refering_url) to the view login and view login validation, if its not the same, i can confirm that the previous page is the one i was before the login, and then i can save it to my session,
here the comparison, and the last url saved in my session:
if (($refering_url != ‘URL TO VIEW LOGIN‘) &&
($refering_url != ‘URL TO LOGIN VALIDATION){
$this->session->set_userdata('url', $refering_url);
}
after login is validated, on the controller, i should redirect the user , to the last page he was (the url saved on the session), to do that i used this code:
$this->session->set_userdata($data);
$url=$this->session->userdata('url');
redirect($url, 'refresh');
I have a few links (login, logout, and register) in the _layout template, where the links are shown depending on whether the user is logged in. Like so:
if (User.Identity.IsAuthenticated)
{
<span class="username">#User.Identity.Name</span>
<span class="link">#Html.ActionLink("Logout", "Logout", "Account")</span>
}
else
{
<span class="link">#Html.ActionLink("Login", "Login", "Account")</span>
<span class="link">#Html.ActionLink("Register", "Register", "Account")</span>
}
Problem is that the logout link is still displayed the first time the user logs out of the system (I would expect that to be immediately replaced with the login, and register links) - that is until the page is refreshed, or the user moves to another page. Here is the logout action code:
public ActionResult Logout()
{
FormsAuthentication.SignOut();
Session.Abandon();
return View();
}
I have gone through this link - http://mvcdev.com/differences-between-asp-net-razor-and-web-forms-view-engines/ - which explains the execution order of the Razor engine, but in my case it seems to be executing differently. Ideally I would expect the FormsAuthentication.SignOut() to execute before the User.Identity.IsAuthenticated in the _layout.
What am I doing wrong? Thanks!
That's normal, you need to redirect after logging out:
public ActionResult Logout()
{
FormsAuthentication.SignOut();
Session.Abandon();
return RedirectToAction("Index");
}
The reason this happens is because when the client requested the Logout link he was still authenticated (he sent the authentication cookie along with the request). Then inside the controller action you are logging him out (FormsAuthentication.SignOut()) which does nothing more than mark the authentication cookie for removal on subsequent requests. Then you return a view, and inside this view of course the user is still authenticated as this view executes under the same request and the cookie is still present.