php - How to handle token mismatch exception when user delete the hidden token from firebug? -


i working on laravel 5.2 framework , maintaing , secure our code. facing 1 problem. suppose there 1 login form this:-

<form id="userloginform" method="post" action="{{ url('/login') }}">{{csrf_field()}}  <label>email: </label>  <input type="text" name="email" autocomplete="off" placeholder="email" class="input-style" /> <label>password: </label> <input type="password" name="password" autocomplete="off" placeholder="password" class="input-style" /> <input type="submit" class="green-btn-style" value="login" /> 

now form in firebug:- enter image description here

now suppose press delete button keyboard token removed our form. when submit form. show me token mismatch expection. don't want show error hacker or user.. have implemented isset not working. login code:-

if(isset($data['email']) && isset($data['password']) && isset($data['_token']) && auth::attempt(['email' => $data['email'],'password' => $data['password']])) {  //redirect dashboard } 

can me how resolve issue.

enter image description here

exceptions handled file

app/exceptions/handler.php 

in laravel. can catch token mismatch exceptions , perform desired action. sample code be

use illuminate\session\tokenmismatchexception; 

to catch token mismatch exception, can add render method

if ($exception instanceof tokenmismatchexception) {             return response()->view('errors.400', [], 400); // load view of choice         } 

Comments

Popular posts from this blog

resizing Telegram inline keyboard -

command line - How can a Python program background itself? -

php - "cURL error 28: Resolving timed out" on Wordpress on Azure App Service on Linux -