[Bug] 419 PAGE EXPIRED when I try to login through 127.0.0.1:8000/admin/login

[zanurban]

Bug report

What I did

I have started Laravel project, created a few migrations, models and seeder, then I installed latest Backpack, I generated CRUDS for all models using the command.

What I expected to happen

I was expected to have a functional install by default.

What happened

When opening the admin panel the styling doesn't load properly and I get 419 errors. In the network section I see that the next files get error code 404:

• common.js?56ab10a4ca75
• tabler.js?56ab10a4ca75
• colors.css?56ab10a4ca75
• color-adjustments.css?56ab10a4ca75
• common.css?56ab10a4ca75
• style.css?56ab10a4ca75

What I've already tried to fix it

I have tried:

• APP_URL to 127.0.0.1 (.env)
• APP_URL to 127.0.0.1:8000 (.env)
• APP_URL to http://127.0.0.1:8000 (.env)
• php artisan key:generate
• I tried reinstalling backpack, updating everything etc.
• BASSET_DEV_MODE=true (.env)
• php artisan config:clear
• php artisan cache:clear
• php artisan view:clear

Is it a bug in the latest version of Backpack?

After I run composer update backpack/crud the bug... is it still there? Yes, nothing changes

Backpack, Laravel, PHP, DB version

When I run php artisan backpack:version the output is:

PHP VERSION:

8.2.10

PHP EXTENSIONS:

Core, bcmath, calendar, ctype, date, filter, hash, iconv, json, SPL, pcre, random, readline, Reflection, session, standard, mysqlnd, tokenizer, zlib, libxml, dom, PDO, openssl, SimpleXML, xml, xmlreader, xmlwriter, curl, fileinfo, gd, mbstring, Phar, pdo_mysql, pdo_pgsql, pgsql, zip

LARAVEL VERSION:

11.9.1.0

BACKPACK PACKAGE VERSIONS:

backpack/basset: 1.3.4 backpack/crud: 6.7.15 backpack/generators: v4.0.5 backpack/theme-tabler: 1.2.10

[welcome[bot]]

Hello there! Thanks for opening your first issue on this repo!

Just a heads-up: Here at Backpack we use Github Issues only for tracking bugs. Talk about new features is also acceptable. This helps a lot in keeping our focus on improving Backpack. If you issue is not a bug/feature, please help us out by closing the issue yourself and posting in the appropriate medium (see below). If you're not sure where it fits, it's ok, a community member will probably reply to help you with that.

Backpack communication channels:

• Bug Reports, Feature Requests - Github Issues (here);
• Quick help (How do I do X) - Gitter Chatroom;
• Long questions (I have done X and Y and it won't do Z wtf) - Stackoverflow, using the backpack-for-laravel tag;
• Showing off something you've made, asking for opinion on Backpack/Laravel matters - Reddit;

Please keep in mind Backpack offers no official / paid support. Whatever help you receive here, on Gitter, Slack or Stackoverflow is thanks to our awesome awesome community members, who give up some of their time to help their peers. If you want to join our community, just start pitching in. We take pride in being a welcoming bunch.

Thank you!

-- Justin Case The Backpack Robot

[jcastroa87]

Hello @zanurban

If you are using php artisan serve to serve your application in http://127.0.0.1:8000 that's what you need to use as APP_URL=http://127.0.0.1:8000 in your .env file.

If you are using https also make sure you write it down in app url.

Then clean with

php artisan optimize:clear
php artisan basset:clear

In case this didnt work, check permissions:

chmod -R 755 storage
chmod -R 755 vendor
chmod -R 644 bootstrap/caches

And take a look in you error logs.

Cheers.

[zanurban]

Hello @jcastroa87 so my env is seted to http://127.0.0.1:8000

I tried using commands

php artisan optimize:clear php artisan basset:clear

Can I use chmod on Windows. I am developing my Laravel project on my computer and then I will publish it to my server.

[jcastroa87]

Hi.

If you running Windows i dont think you can use these linux commands.

Did you try

php artisan basset:check

To check if your config is well setting.

Let me know if there is some detail in logs.

Cheers.

[zanurban]

It says that everything is ok

[zanurban]

If I don't do php artisan serve, but if I know correctly, I should run it Then I get log: INFO Checking Backpack Basset installation.

Initializing basset check .............................................................................. DONE
Checking cache storage ................................................................................. DONE
Fetching a basset ..................................................................................... ERROR

ERROR cURL error 7: Failed to connect to 127.0.0.1 port 8000 after 2024 ms: Connection refused (see https://c url.haxx.se/libcurl/c/libcurl-errors.html) for http://127.0.0.1:8000/storage/basset/vendor/backpack/basset/tests/Helpers/basset-test.js. │ Backpack Basset failed to check it's working properly. │ │ This may be due to multiple issues. Please ensure: │ 1) APP_URL is correctly set in the .env file. │ 2) Your server is running and accessible at http://127.0.0.1:8000. │ 3) The public disk is properly configured in config/filesystems.php. │ Optionally, basset provides a disk named "basset", you can use it instead. │ 4) The storage symlink exists and is valid (by default: public/storage). │ │ For more information and solutions, please visit the Backpack Basset FAQ at: │ https://github.com/laravel-backpack/basset#faq

[jcastroa87]

How did you serve your aplication? Are you using some web server?

[zanurban]

No I am serving it on my machine via php artisan serve And if then I run php artisan basset:check Everything is ok

[jcastroa87]

Ok, and wich URl file are trying to load? per example common.js?

Cheers.

[zanurban]

Yes it is trying to load common.js... You can see it on picture.

And if I click login button I get 419 Page expired

[jcastroa87]

Im asking for the URL you write in browser and the full URL of common.js

[zanurban]

Oh sorry, here it is: http://127.0.0.1:8000/storage/basset/vendor/backpack/crud/src/resources/assets/js/common.js?56ab10a4ca75

[jcastroa87]

Look normal, didn you set early storage link?

php artisan storage:link

[zanurban]

So I tried pulling my private repository to mine other PC and now I have common.js included without errors, Code status: 200, but now when I click login it still does not work now I get on login error:

Look normal, didn you set early storage link?

php artisan storage:link

Yea I seted storage link. I just reinstalled Backpack for the third time.

[zanurban]

Could it be CORS policy by any chance? That CRSF token is not generated properly?

[jcastroa87]

CORS is because didnt load common.js

[jcastroa87]

You didnt update any config con filesystems.php? Can you share your .env and filesystems.php please, delete all the filesystems.php

Thanks.

[zanurban]

ENV file: ` APP_NAME=Laravel APP_ENV=local APP_KEY=base64:cresLWJ0p1JHNeUSH78lbfzq1PYNkwplo6bDvsf5+LA= APP_DEBUG=true APP_TIMEZONE=UTC APP_URL=http://127.0.0.1:8000

APP_LOCALE=si APP_FALLBACK_LOCALE=en APP_FAKER_LOCALE=hr_HR

APP_MAINTENANCE_DRIVER=file APP_MAINTENANCE_STORE=database

BCRYPT_ROUNDS=12

LOG_CHANNEL=stack LOG_STACK=single LOG_DEPRECATIONS_CHANNEL=null LOG_LEVEL=debug

DB_CONNECTION=pgsql DB_HOST=localhost DB_PORT=5432 DB_DATABASE=postgres DB_USERNAME=postgres DB_PASSWORD=root

SESSION_DRIVER=database SESSION_LIFETIME=120 SESSION_ENCRYPT=false SESSION_PATH=/ SESSION_DOMAIN=null

BROADCAST_CONNECTION=log FILESYSTEM_DISK=local QUEUE_CONNECTION=database

CACHE_STORE=database CACHE_PREFIX=

MEMCACHED_HOST=localhost

CACHE_DRIVER=redis

REDIS_CLIENT=phpredis REDIS_HOST=localhost REDIS_PASSWORD=null REDIS_PORT=6379

MAIL_MAILER=log MAIL_HOST=127.0.0.1 MAIL_PORT=2525 MAIL_USERNAME=null MAIL_PASSWORD=null MAIL_ENCRYPTION=null MAIL_FROM_ADDRESS="hello@example.com" MAIL_FROM_NAME="${APP_NAME}"

AWS_ACCESS_KEY_ID= AWS_SECRET_ACCESS_KEY= AWS_DEFAULT_REGION=us-east-1 AWS_BUCKET= AWS_USE_PATH_STYLE_ENDPOINT=false

VITE_APP_NAME="${APP_NAME}"

BASSET_DEV_MODE=true `

[zanurban]

Filestystems.php I only added my own local disk:

`<?php

return [

/*
|--------------------------------------------------------------------------
| Default Filesystem Disk
|--------------------------------------------------------------------------
|
| Here you may specify the default filesystem disk that should be used
| by the framework. The "local" disk, as well as a variety of cloud
| based disks are available to your application for file storage.
|
*/

'default' => env('FILESYSTEM_DISK', 'local'),

/*
|--------------------------------------------------------------------------
| Filesystem Disks
|--------------------------------------------------------------------------
|
| Below you may configure as many filesystem disks as necessary, and you
| may even configure multiple disks for the same driver. Examples for
| most supported storage drivers are configured here for reference.
|
| Supported Drivers: "local", "ftp", "sftp", "s3"
|
*/

'disks' => [

    'local' => [
        'driver' => 'local',
        'root' => storage_path('app'),
        'throw' => false,
    ],

    'public' => [
        'driver' => 'local',
        'root' => storage_path('app/public'),
        'url' => env('APP_URL').'/storage',
        'visibility' => 'public',
        'throw' => false,
    ],

    'localFiles' => [
        'driver' => 'local',
        'root' => storage_path('app/localFiles'),
        'throw' => false,
    ],
],

/*
|--------------------------------------------------------------------------
| Symbolic Links
|--------------------------------------------------------------------------
|
| Here you may configure the symbolic links that will be created when the
| `storage:link` Artisan command is executed. The array keys should be
| the locations of the links and the values should be their targets.
|
*/

'links' => [
    public_path('storage') => storage_path('app/public'),
],

];`

[pxpm]

Hey @zanurban thanks for the report.

I am here trying to reproduce your issue but I wasn't able until now.

I am more convinced that this is an issue with your setup, because in one of your previous messages you said you were able to load the common.js when moved the project to other PC.

So I would try to figure out the issue there, and fix it in the other environment.

When you say you get 419 (expired/not present token), it's when you access the login page, or when you enter the credentials and try to login ?

Let's also do the following test. If you set BASSET_DEV_MODE=false in your env. and issue a basset:cache command, does those files get created in storage/app/public/basset ?

You may have your project installed on a directory that's not script writable? I usually put my projects in a folder like c:/projects/. I had problems when using projects from example in my USER home folder.

Let me know if it works.

Cheers

[zanurban]

When you say you get 419 (expired/not present token), it's when you access the login page, or when you enter the credentials and try to login ?

I get 419 when I try to log in.

Let's also do the following test. If you set BASSET_DEV_MODE=false in your env. and issue a basset:cache command, does those files get created in storage/app/public/basset ?

When I go to 127.0.0.1/admin I get Error 500 cURL error 60: SSL certificate problem: unable to get local issuer certificate (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://unpkg.com/@tabler/core@1.0.0-beta19/dist/css/tabler.min.css I think that files does get created:

[tabacitu]

Maybe SSL isn't properly set up in your Laravel project? Are you getting a green lock icon in the browser? Shouldn't you set the APP_URL to also use HTTPS?