I run the php artisan make:auth command and I will explain step by step what I do after that to understand the scenario,
The thing is, these kind of scenarios may arise, and I don't want to see this error message, just logout after clicking logout, even if the session is expired.
Note: This issue is not because of not adding @csrf
Well that's an obvious message you can maybe try to make a better layout for that page, but still it is good to show it so the user knows what happened. If you want to handle it differently you can try to redirect to the login page.
So in your app\Exceptions\Handler.php file within the render method add this:
if ($exception instanceof \Illuminate\Session\TokenMismatchException) {
return redirect()->route('login');
}
IMHO you can try to modify your app/Http/Middleware/VerifyCsrfToken.php file. Edit the the $except property with something like this:
class VerifyCsrfToken extends Middleware
{
protected $except = [
'http://example.com/logout',
];
<a href="{{ route('logout') }}" class="dropdown-item notify-item"="event.preventDefault(); document.getElementById('logout-form').submit();">
<i class="fa fa-power-off"></i> <span>{{ __('Logout') }} </span>
</a>
<form id="logout-form" action="{{ route('logout') }}" method="POST" style="display: none;">
@csrf
</form>
You have missed the @csrf in you logout form, so only you getting Error 419