发表新帖
发表新帖

Laravel: Session expires while registration form is open

后端 未结
关注
3 1164
北恋
北恋 2021-01-26 07:47

I have have a web app which is waiting for users on a laptop in kiosk mode. Sometimes, registration fails and users get an error screen - I think it\'s 419 Session Expired.

相关标签:
3条回答
  • 我寻月下人不归
    2021-01-26 07:58

    I think you might want to take a look at this package:

    laravel-caffein

    Hope it helps :)

    0 讨论(0)
  • 暖寄归人
    2021-01-26 08:10

    You note yourself that you can change the session time in config/session.php. Is there a reason why you don't want to change that?

    Alternatively, assuming that this is not an app that is accessible on the World Wide Web and is for Kiosk use only, you can exclude certain routes from requiring the CSRF token altogether;

    Edit the **$except** property of the VerifyCsrfToken middleware;

    protected $except = [
    'stripe/*',
    'http://example.com/foo/bar',
    'http://example.com/foo/*',
];

    Information taken from the Laravel Documentation.

    0 讨论(0)
  • 故里飘歌
    2021-01-26 08:21

    As mentioned, the simplest solution is usually to extend the session expiration time from the default of 2 hours (which is very short).

    If longer sessions are not desirable, another option is to keep the session alive for as long as the browser page is open by using javascript.

    Add a route in routes/web.php:

    Route::post('/keep-alive', function () {
    return response()->json(['ok' => true]);
});

    And then ping this route periodically with javascript:

    setInterval(() => {
    axios.post('/keep-alive')
        .then(() => {})
        .catch(() => {})
}, 600000)

    (I used axios to make the POST request because it's included with a default Laravel install, but you can use anything to make the request.)

    Since the request passes through the web middleware group, the session middleware should be run and keep the session alive. If the browser page is closed, the computer is put to sleep, etc., then the session will still expire normally after the configured time has elapsed.

    You can also check for session expiration responses from the javascript call and then refresh the page, prompt for credentials, or perform some other action if you detect that the session expired. This case is most likely to occur if the computer resumes operation from a sleeping state.

    0 讨论(0)
 看不清?
提交回复
热议问题