Uncaught TokenMismatchException - How to catch it?

[xJuvi]

Hi, I am currently trying to integrate the router into my existing system that is getting on in years. Unfortunately, I am currently failing to intercept the CSRF TokenMismatchException.

Neither the exception handler nor the extended classes intercept the exception. Do you have an idea how I can get the exception and process it myself? I am currently getting the following error message:

Fatal error: Uncaught Pecee\Http\Middleware\Exceptions\TokenMismatchException: Invalid CSRF-token. in /ROOT/library/router/Pecee/Http/Middleware/BaseCsrfVerifier.php:104 Stack trace: #0 /ROOT/MKW/library/router/Pecee/SimpleRouter/Router.php(340): Pecee\Http\Middleware\BaseCsrfVerifier->handle(Object(Pecee\Http\Request)) #1 /ROOT/MKW/library/router/Pecee/SimpleRouter/SimpleRouter.php(69): Pecee\SimpleRouter\Router->start() #2 /ROOT/MKW/inc/router/Router.php(27): Pecee\SimpleRouter\SimpleRouter::start() #3 /ROOT/MKW/index.php(32): Demo\Router::start() #4 {main} thrown in /ROOT/MKW/library/router/Pecee/Http/Middleware/BaseCsrfVerifier.php on line 104

I would be grateful for any support or tips. You did a really great job with the router. I love it!

Thanks very much!

[DeveloperMarius]

Hello,

I recommend creating your own ExceptionHandler:

class ExceptionHandler implements IExceptionHandler {
    public function handleError(Request $request, Exception $exception): void{
        if($exception instanceof TokenMismatchException){
            [...Your Code...]
        }
    }
}

you can include it into the Router using a group:

Router::group([
        'prefix' => '/api',
        'exceptionHandler' => ExceptionHandler::class,
    ], function (){
[...Your Code...]
}

If you do not have your route in a group, you have to surround your index.php with a try catch:

try{
    require_once '../src/router/routes.php';

    $verifier = new CsrfVerifier();
    $verifier->setTokenProvider(new TokenProvider());
    SimpleRouter::csrfVerifier($verifier);

    SimpleRouter::setDefaultNamespace('\system\router\controller');

    SimpleRouter::start();
} catch(TokenMismatchException $e) {
[...Your Code...]
} catch(Exception $e) {
[...Your Code...]
}

~ Marius

[xJuvi]

Hi @DeveloperMarius ,

Thanks for your support.

I have my own exception handler with the same code as yours above. But it doesn't work.

if($error instanceof TokenMismatchException)
{
	$request->setRewriteCallback('InternalDefaultController@notFound');
	return;
}

In my tests yesterday i thought maybe PR #609 is the main issue. But then i tried to response the error with the following:

response()->json(['error' => $error->getMessage(),'code'  => $error->getCode(),'success'  => false]);

Same result. I get ever the fatal error "Uncaught TokenMismatchException".

Kind regards

[DeveloperMarius]

Hey,

could you please share your code with us so that I can take a look and reproduce the issue? I need the exception handler, your controller / route and the code where you start the router (just everything you got associated with the issue).

~ Marius

[riku22]

Hello.

I am also trying to catch TokenMismatchException exceptions with CustomExceptionHandler, but I am having trouble catching them. I hope you can refer to catch_token_exception branch in my repository for sample code for testing.

[xJuvi]

hi, sorry for late response. I tried the same way like riku22 - but the Custom exception handler doesn't catch it. I get everytime an "uncaught exception" error.