D
D
Dmitry Kuznetsov2021-01-21 11:09:56
Laravel
Dmitry Kuznetsov, 2021-01-21 11:09:56

Laravel Sanctum is not giving out csrf-cookies, what should I do?

I am developing a bunch of sites site.ru (nuxt) and api.site.ru (Laravel 8 + Laravel Sanctum).
I made test authentication on site.ru. The request to get a csrf-cookie succeeds, but when it comes to api.site.ru/login it gives the following error with a 419 response:

CSRF token mismatch.

PS: For authentication I use the nuxt module Auth .

Here is my cors.php :
'paths' => [
        'api/*',
        'login',
        'logout',
        'sanctum/csrf-cookie'
    ],
    'allowed_methods' => ['*'],
    'allowed_origins' => ['*'],
    'allowed_origins_patterns' => [],
    'allowed_headers' => ['*'],
    'exposed_headers' => [],
    'max_age' => 0,
    'supports_credentials' => true,


nuxt.config.js :
axios: {
    baseUrl: process.env.API_URL,
    credentials: true,
  },

  auth: {
    strategies: {
      cookie: {
        cookie: {
          name: 'XSRF-TOKEN',
        }
      },
      'laravelSanctum': {
        provider: 'laravel/sanctum',
        url: process.env.API_URL
      },
    },
    redirect: {
      login: '/login',
      logout: '/logout',
      callback: '/login',
      home: '/'
    }
  },


Thanks in advance

Answer the question

In order to leave comments, you need to log in

1 answer(s)
V
Vladislav Lyskov, 2021-01-21
@Vlatqa

csrf is not needed at all in this bundle

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question