Reputation: 652
So I have an issue where i can't seem to get it to redirect to the dashboard after a user signs up by submitting their details to the database. Instead i get this message in firefox: "The page has expired due to inactivity.Please refresh and try again." and in the url it does not say /dashboard it says /signup.
This is my web.php route
Route::get('/', function () {
return view('user/usersignup');
});
Route::post('/signup', [
'uses' => 'UserController@postSignUp',
'as' => 'signup'
]);
Route::post('/signin', [
'uses' => 'UserController@postSignIn',
'as' => 'signin'
]);
Route::get('/dashboard', [
'uses' => 'UserController@getDashboard',
'as' => 'dashboard'
]);
This is UserController, my controller.
<?php
namespace App\Http\Controllers;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class UserController extends Controller
{
public function getDashboard(){
return view('dashboard');
}
public function postSignUp(Request $request){
$first_name = $request['first_name'];
$email = $request['email'];
$password = bcrypt($request['password']);
$user= new User();
$user->first_name = $first_name;
$user->email = $email;
$user->password = $password;
$user->save();
return redirect()->route('dashboard');
}
}
This is my signup view: usersignup.blade.php
<form action="{{ route('signup') }}" method="post" id="userform">
<div class="form-group">
<label for="first_name">Your first Name</label>
<input class="form-control" type="text" name="first_name" id="fullname">
</div>
<div class="form-group">
<label for="email">Your E-Mail</label>
<input class="form-control" type="text" name="email" id="email">
</div>
<div class="form-group">
<label for="password">Your Password</label>
<input class="form-control" type="password" name="password" id="password">
</div>
<button type="submit" class="btn btn-primary">Submit</button>
<input type="hidden" name="_token" value="{{ Session::token() }}">
</form>
Upvotes: 0
Views: 1089
Reputation: 997
Add a csrf field to the form instead of hidden _token input:
<form action="{{ route('signup') }}" method="post" id="userform">
{{ csrf_field() }}
<div class="form-group">
<label for="fullname">Your Full Name</label>
<input class="form-control" type="text" name="fullname" id="fullname">
</div>
<div class="form-group">
<label for="email">Your E-Mail</label>
<input class="form-control" type="text" name="email" id="email">
</div>
<div class="form-group">
<label for="password">Your Password</label>
<input class="form-control" type="password" name="password" id="password">
</div>
<button type="submit" class="btn btn-primary">Submit</button>
</form>
Upvotes: 1
Reputation: 34924
You are using Wrong CSRF.
Either use {{ csrf_field() }}
inside <form>
tag and remove hidden element name="_token"
<form action="{{ route('signup') }}" method="post" id="userform">
{{ csrf_field() }}
.....
.....
<button type="submit" class="btn btn-primary">Submit</button>
</form>
Or replace value of hidden element _token
to csrf_token()
<form action="{{ route('signup') }}" method="post" id="userform">
.....
.....
<button type="submit" class="btn btn-primary">Submit</button>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
Upvotes: 2