Invalid CSRF Token

[lasha94]

Hello, im using your package, when i try with postman it works but if send requests from angular im getting Invalid CSRF Token

[huy97]

Hi @lasha94 ,
First thanks for using my library. I'm really sorry by issue you have, but please check for solution here.
My library using cookie to store a secret key, it default name is _csrf, so your request need auto attach this cookie before sending to server.
With axios you can enable mode withCredentials: true to attach cookie automatically. I have a same solution for angular here.
Finally, let's talk to me if the issue is still unresolved, many thanks

[lasha94]

I have already added it. This is my script.

  async getToken() {
    return await firstValueFrom(this.appService.getToken());
  }

  async checkCsrf() {
    const csrfToken = await this.getToken();
    // console.log(csrfToken);
    const resp = await firstValueFrom(this.appService.checkCsrf(csrfToken));
    // console.log(resp);
  }

When i make get request to http://localhost:3000/api/token it doesnt add cookie, and when i make post request im getting {"statusCode":403,"message":"CSRF token not found"} then it adds cookie, and after that im getting this on every request {"statusCode":403,"message":"Invalid CSRF Token"}

[lasha94]

I thought it withCredentials: true needed only for post request. I added it to getToken request too and now it works. Thank you. Dependencies need update, package doesnt work on latest nest project.