douran6443
2017-07-27 22:31
浏览 33
已采纳

如何在laravel中使用特殊消息管理特殊错误

I'm using laravel 5.4. and I need handle some error. imagine user logged in and opened two windows (his profile). When user click on logout in a window, we have still logout button in another window, and by clicking on that, laravel will show csrf_token error page.

My logout in not ajax and its with submitting a form to /logout how can I handle this error with special message or redirect to home without error from logout controller? (not all of csrf_token errors, just from that controller).

logout form :

i will submit this form by clicking on logout button using jquery:

<form id="logout-form" action="/logout" method="POST" style="display: none;">
    <input type="hidden" name="_token" :value="token">
</form>

And the logout method in controller :

public function logout(Request $request)
{
    $this->guard()->logout();
    $request->session()->flush();
    $request->session()->regenerate();
    return redirect('/');
}

图片转代码服务由CSDN问答提供 功能建议

我正在使用laravel 5.4。 我需要处理一些错误。 imagine用户登录并打开了两个窗口(他的个人资料)。 当用户在窗口中单击注销时,我们仍然在另一个窗口中注销按钮,通过单击它,laravel将显示csrf_token错误页面。

我的注销不是ajax,而是将表单提交到 / logout how我可以使用特殊消息处理此错误或重定向到home而不会出现登录错误 控制器? (并非所有 csrf_token 错误,仅来自该控制器)。

注销表单:

我将提交此表单 通过使用jquery单击注销按钮:

 &lt; form id =“logout-form”action =“/ logout”method =“POST”style =“display:none;  “&gt; 
&lt; input type =”hidden“name =”_ token“:value =”token“&gt; 
&lt; / form&gt; 
   
 
 

控制器中的注销方法:

 公共功能注销(请求$请求)
 {
 $ this-&gt; guard() - &gt; logout(); 
  $ request-&gt; session() - &gt; flush(); 
 $ request-&gt; session() - &gt; regenerate(); 
返回redirect('/'); 
} 
   
 
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • douchi5822 2017-07-28 14:17
    已采纳

    in App\Exceptions\Handler.php Return the user to the form with a new valid CSRF token, so the page will refreshed and logout button will not exist.

    public function render($request, Exception $exception)
    { 
       if($exception instanceof TokenMismatchException)
       { 
          return redirect()
                   ->back()
                   ->with('your msg');
       }
       return parent::render($request, $exception); 
    }
    

    this looking like, page was refreshed.

    Don't Replace POST with Get. It will not Safe And Standard.

    点赞 评论
  • doushao1087 2017-07-27 22:41

    One way is use GET for your logout. In fact use a simple <a href="/logout">logout</a> should be sufficient. So you change your route to use get and you can wave bye to the form.

    Although, there might be different opinions about the METHOD to use but truthfully, this is sufficient.

    Update

    Isn't any way to manage errors just like what i said?

    In my opinion, this is the best I would do for now. Otherwise to show special message when someone tries the logout route even though they are logged out, I will just do the following:

    public function logout(Request $request)
    {
        if (!auth()->check()) {
            return redirect('/')->with('login_error', 'You are already logged out please login again'); // message can be retrieved in session()
        }
        $this->guard()->logout();
        $request->session()->flush();
        $request->session()->regenerate();
        return redirect('/');
    }
    

    I will still not use post, since I am not creating any resource.

    I hope this helps.

    点赞 评论

相关推荐 更多相似问题