"The page has expired due to inactivity" - Laravel 5.5

Sougata Bose picture Sougata Bose · Sep 10, 2017 · Viewed 162.6k times · Source

My register page is showing the form properly with CsrfToken ({{ csrf_field() }}) present in the form).

Form HTML

<form class="form-horizontal registration-form" novalidate method="POST" action="{{ route('register') }}">
        {{ csrf_field() }}
        ....
</form>

I am using inbuilt authentication for the users. Have not changed anything except the routes and redirects.

When I submit the form (just after reloading also), it gives that The page has expired due to inactivity. Please refresh and try again. error.

My be I am missing a very small thing. But not sure what it is. Any help?

Update

Found the issue. The session driver was set to array. Changed it to file and the error is gone now. But what is wrong if I use array?

Answer

Devon picture Devon · Sep 10, 2017

If you're coming to this answer directly from a search, make sure you have already added the csrf token to your form with {{ csrf_field() }} like the OP.


If you have your session driver set to file:

May have something to do with the storage_path not being writable. This is where it stores session data regarding tokens if you're using file based sessions. The can be verified with is_writable(config('session.files'))


For the OP, the session driver was set to array. Array is for testing only. Since data is not persisted, it will not be able to compare the token on the next request.

The array driver is used during testing and prevents the data stored in the session from being persisted.

https://laravel.com/docs/5.5/session#configuration


Check config/session.php

Lastly, an issue I just had, we had a project which has the session domain and secure settings in config/session.php but the development site was not using HTTPS (SSL/TLS). This caused this generic error since sessions.secure was set to true by default.