I have overriden fos_user_resetting_form with my own... When I did it, I am receiving "Invalid CSRF token" error. I tried to add this to the form: <input type="hidden" id="fos_user_resetting_form__token" name="fos_user_resetting_form[_token]" value="{{ csrf_token('authenticate') }}" /> but it didn't help.
I am customizing the whole form, so I am not using form_widget(form) function call.
Hm, probably because you're passing invalid value to csrf_token()... why "authenticate"? It's not an authentication, i.e. login form. If we're talking about ResettingFormType - it should be "resetting", see https://github.com/FriendsO... . I think it should help
Or you can use form_start()/form_end() Twig functions that will render opening and closing form tags and also this hidden csrf token field. But to avoid rendering fields you can call {% do form.plainPassword.setRendered %} before {{ form_end(form) }} call to mark this field as rendered and render it manually with your layout as you do.
Hello... I have finally solved by making the framework to render only that hidden field. I used simply {{ form_widget(form._token) }}. in twig template.
Please, log in to vote for this comment
7|
Share Comment
"Houston: no signs of life" Start the conversation!
5 Comments
Hi evryone
Can this tutoriel gonna work with SF4.If yes how i my gona to redirect directories.
Thanks again Ryan & the team for your tutorials :)
project/templates/bundles/FOSUserBundle/Security/login_content.html.twig
project/templates/bundles/FOSUserBundle/layout.html.twig
I have overriden fos_user_resetting_form with my own... When I did it, I am receiving "Invalid CSRF token" error. I tried to add this to the form: <input type="hidden" id="fos_user_resetting_form__token" name="fos_user_resetting_form[_token]" value="{{ csrf_token('authenticate') }}" /> but it didn't help.
I am customizing the whole form, so I am not using form_widget(form) function call.
This is the whole form:
Any ideas? Thanks.
Jaime
Hey Jaime,
Hm, probably because you're passing invalid value to csrf_token()... why "authenticate"? It's not an authentication, i.e. login form. If we're talking about ResettingFormType - it should be "resetting", see https://github.com/FriendsO... . I think it should help
Or you can use form_start()/form_end() Twig functions that will render opening and closing form tags and also this hidden csrf token field. But to avoid rendering fields you can call {% do form.plainPassword.setRendered %} before {{ form_end(form) }} call to mark this field as rendered and render it manually with your layout as you do.
Cheers!
Hello... I have finally solved by making the framework to render only that hidden field. I used simply {{ form_widget(form._token) }}. in twig template.
"Houston: no signs of life"
Start the conversation!