How to update csrf-token in laravel?

W

WebDev2016-04-13 23:24:07

Laravel

WebDev, 2016-04-13 23:24:07

All POST requests in laravel are filtered by csrf-token. After some time, the token expires and the user cannot send requests. And if it is a SPA, then the user may not refresh the page for a very long time. On stackoverflow, it is advised to write a script that will receive a new token via Ajax and run it via setInterval.
Please explain, as I understand it, the token is given for a certain time. Let's say for half an hour and during this half hour it does not change. That is, if the user logged in at 13:00, then the token will be valid until 13:30. If so, then setInterval must work very accurately, otherwise it won't update it. For example, if he requests a new one at 13:29:59, he will receive the old one.
How to use csrf protection in this case?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

V

Vitaliy Kravchishin, 2016-04-14
@kirill-93

With each request to the token, the cookie time is updated.

S

Silm, 2016-04-13
@Silm

What do you think happens when the token was issued at 13:00 and the user refreshed the page at 13:29:59?