Ad

CSRF Token Empty When The Website Is In Maintenance Mode

- 1 answer

My goal is to still allow administrators to login to the website, even in maintenance mode. However, when the website is in maintenance mode (using php artisan down), Laravel won't generate any CSRF Token.

csrf_token() is returning an empty string, and csrf_field() is returning <input type="hidden" name="_token" value="">

This issue won't occur if the website is not in maintenance mode.

Is it possible to force the generation of the token?

Ad

Answer

One solution which can fit for you is to disable csrf token for your admin route when maintenance mode is enabled

To do this open

App\Http\Middleware\VerifyCsrfToken

and add

protected $except = [
    '/your/route'
];

enter image description here

Ad
source: stackoverflow.com
Ad