I am building a REST API using Laravel 5.1 and I am getting this error:
TokenMismatchException in VerifyCsrfToken.php line 53:
Here is my routes.php:
Route::controller('city' , 'CityController' );
CityController:
class CityController extends Controller
{
public function postLocalities()
{
$city = Input::get('cityName');
$response = $city;
return $response;
}
}
Here is the Stacktrace of the error when I hit the URL http://localhost:8000/city/localities?cityName=bangalore with POST method.
TokenMismatchException in VerifyCsrfToken.php line 53:
in VerifyCsrfToken.php line 53
at VerifyCsrfToken->handle(object(Request), object(Closure))
at call_user_func_array(array(object(VerifyCsrfToken), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
ShareErrorsFromSession.php line 54
at ShareErrorsFromSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(ShareErrorsFromSession), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
StartSession.php line 62
at StartSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(StartSession), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
AddQueuedCookiesToResponse.php line 37
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure))
at call_user_func_array(array(object(AddQueuedCookiesToResponse), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in EncryptCookies.php line 59
at EncryptCookies->handle(object(Request), object(Closure))
at call_user_func_array(array(object(EncryptCookies), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in
CheckForMaintenanceMode.php line 42
at CheckForMaintenanceMode->handle(object(Request), object(Closure))
at call_user_func_array(array(object(CheckForMaintenanceMode), 'handle'),
array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 103
at Pipeline->then(object(Closure)) in Kernel.php line 122
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 87
at Kernel->handle(object(Request)) in index.php line 54
at require_once('C:\Users\betaworks02\Documents\gharbhezoBackend\public\index.php') in server.php line 21
If you are building an API its best to place the CRSF middle ware on per route basis rather than placing it as a global middleware. To make it as a route middleware go to the "/app/Http/Kernel.php" file.
Now you can place it on the routes where you need it for example
Route::get('someRoute', array('uses' => 'HomeController@getSomeRoute', 'middleware' => 'csrf'));
For your case where you don't need CSRF token matching it should work fine now.
You do not need to fully override the CFSR token from your app. In your App/Http/Midlleware folder go to VerifyCsrfToken.php and include your API route to the exception as follows:
The * shows for all routes inside your API.
I was getting the same error, but with all the warnings about overriding CSRF validation, didn't want to change those settings.
I eventually found that my Session Driver in /config/session.php was defaulting to memcached, and since I was on a development server I needed to override the SESSION_DRIVER env variable with 'file' to use the session in /storage/framework/sessions.