php - How to handle token mismatch exception when user delete the hidden token from firebug? -
i working on laravel 5.2 framework , maintaing , secure our code. facing 1 problem. suppose there 1 login form this:-
<form id="userloginform" method="post" action="{{ url('/login') }}">{{csrf_field()}} <label>email: </label> <input type="text" name="email" autocomplete="off" placeholder="email" class="input-style" /> <label>password: </label> <input type="password" name="password" autocomplete="off" placeholder="password" class="input-style" /> <input type="submit" class="green-btn-style" value="login" />
now suppose press delete button keyboard token removed our form. when submit form. show me token mismatch expection. don't want show error hacker or user.. have implemented isset not working. login code:-
if(isset($data['email']) && isset($data['password']) && isset($data['_token']) && auth::attempt(['email' => $data['email'],'password' => $data['password']])) { //redirect dashboard }
can me how resolve issue.
exceptions handled file
app/exceptions/handler.php
in laravel. can catch token mismatch exceptions , perform desired action. sample code be
use illuminate\session\tokenmismatchexception;
to catch token mismatch exception, can add render method
if ($exception instanceof tokenmismatchexception) { return response()->view('errors.400', [], 400); // load view of choice }
Comments
Post a Comment