In Laravel I'm getting a "csrf" issue "Illuminate \ Session \ TokenMismatchException"
Route::group(array('before'=>'guest'),function()
{
Route::get('/user/create',array('uses'=>'UserController@getCreate'));
Route::get('/user/login',array('uses'=>'UserController@getLogin','as'=>'postCreate'));
Route::group(array('before'=>'csrf'),function()
{
Route::get('/user/create','UserController@postCreate');
Route::get('/user/login','UserController@postLogin');
});
});
that is controller
class UserController extends BaseController{
public function getCreate()
{
//return View::make('hello');
return View::make('user.register');
}
that is view
<div class="container">
<h1>Register</h1>
<form role="form" method="post" action="{{ URL::route('postCreate')}}">
<div class="form-gourp">
<label for="username">Username: </label>
<input id="username" name="username" type="text" class="form-control" />
</div>
<div class="form-gourp">
<label for="password">Password: </label>
<input id="password" name="password" type="text" class="form-control" />
</div>
<div class="form-gourp">
<label for="username">confirm Password: </label>
<input id="cpassword" name="cpassword" type="text" class="form-control" />
</div>
{{form::token()}}
<div class="form-gourp">
<input type="submit" value="register" class="btn btn-default"/>
</div>
</form>
When I add {{form::token }}, it shows the error "Illuminate \ Session \ TokenMismatchException"
You are wrong in your routes.
Route::group(array('before'=>'csrf'),function()
{
Route::get('/user/create','UserController@postCreate');
Route::get('/user/login','UserController@postLogin');
});
Those should be post, like the following
Route::group(array('before'=>'csrf'),function()
{
Route::post('/user/create','UserController@postCreate');
Route::post('/user/login','UserController@postLogin');
});
Read more about CSRF on wiki and laravel doc.
Use {{ Form::open() }} and {{ Form::close() }} rather than the <form> tags