New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[5.6] Make Axios automatically send X-CSRF-TOKEN
in the header
#4128
Conversation
@monomichael #4127 |
Axios does automatically send a header it just sends X-XSRF-TOKEN. We need to update passport to check for both headers I think? |
I end up with this kind of error why? |
With axios you don't require to set this so I would remove this. If you want to fix the window.Laravel is undefined then add it before your JS file within your Laravel blade template e.g.
|
@rickbolton I follow the document of Laravel https://laravel.com/docs/5.4/passport#consuming-your-api-with-javascript and watch video lesson in Laracast as well. However, it still show error:Unauthorized. Is there any problem with the document. I use Apache2, PHP version 5.6, MySQL5.5, is there any problem with this environment. |
Make Axios automatically send `X-CSRF-TOKEN` in the header
I'm experiencing the same problems as @cheykeodina |
@cheykeodina Not sure if this is your issue but after you have authenticated you need to make a "dummy" GET request to get the laravel_token. This is if you have an SPA that makes a POST request to authenticate. Better yet is to extend CreateFreshApiToken middleware and make it send back a fresh token on both POST and GET. See here: https://github.com/MarGul/Bidder/blob/master/app/Http/Middleware/CreateFreshApiToken.php |
great pr |
X-CSRF-TOKEN
in the headerX-CSRF-TOKEN
in the header
Axios doesn't automatically send the
X-CSRF-TOKEN
that the passport token guard is looking for.See laravel/passport#256 and laravel/docs#3045