[Fixed] The page has expired due to inactivity in Laravel 5

If you are new to Laravel and you come across this screen on your developmet screen. I have posted few possible reasons for you to easily fix this thing.

CSRF token verification fails

Laravel protects it’s POST  request via Forms from CRSF Protection.  Cross-site request are a type of malicious exploit whereby unauthorized request can be made to your POST route on behalf of the user.

Laravel automatically generates a CSRF “token” for each active user session managed by the application. This token is used to verify that the authenticated user is the one actually making the requests to the application. [ CSRF Protection Laravel ]

For all your HTML forms in your application, you should include a hidden CSRF token field in the form so that the CSRF protection middleware can validate the request.

Livewire Component Library

You may use the csrf_field helper to generate the token field:

Host Laravel Application on DigitalOcean

Use coupon 5balloons on this Cloudways Affiliate URL to get special discount.
<form method="POST" action="/profile">
    {{ csrf_field() }}

Thus Laravel will autocatically verify the CSRF token by a Middleware and you wont see the page expired screen next time

If for some reason you are not looking to include a hidden field in your form you must exclude the POST route from verification. Add the route entry in app/Http/Middleware/VerifyCsrfToken.php

 protected $except = [


Clear Cache

If you have already included the CSRF token in your form. Then you are getting the error page possibly beacuse of cache data in your form. Open your terminal / command prompt and run these commands in your project root.


 php artisan cache:clear
 php artisan config:clear 
 php artisan route:clear 
 php artisan view:clear

Also try to clear the browser cache along with running these commands.


Still not solved??


Directory Permissions

Your laravel project directory might not have correct permissions to store the session stuff. Try giving correct permissons to these directories.

sudo chmod -R 777 storage
sudo chmod -R 777 bootstrap/cache

Navigate to your project root directory in Terminal / Command Promt and run these commands.


Session Cookie Domain

Make sure you don’t have any absurd value in the value of Session Cookie domain. Open file app / config / session.php and make sure the domain value is null

    | Session Cookie Domain
    | Here you may change the domain of the cookie used to identify a session
    | in your application. This will determine which domains the cookie is
    | available to in your application. A sensible default has been set.

    'domain' => env('SESSION_DOMAIN', null),


Umm, Not Solved Yet?


Session Secure Value

Make sure the session secure value in file app / config / session.php is set to null.


    | HTTPS Only Cookies
    | By setting this option to true, session cookies will only be sent back
    | to the server if the browser has a HTTPS connection. This will keep
    | the cookie from being sent to you if it can not be done securely.

    'secure' => env('SESSION_SECURE_COOKIE', false),


Blame it on your OS

As per a user in Laracasts, its a known issue with Windows Development Environment.

Is “The page has expired due to inactivity” issue a bug in Laravel 5.5?




If you know any other solution to this issue in Laravel. Please post it in comments so that someone in need will get help.


Site Footer