Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

sarunopassawas's avatar

l not post api after clone project from git ( "CSRF token mismatch." ) laravel 6.0 on mac os x

l not post api after clone project from git ( "CSRF token mismatch." ) laravel 6.0 on mac os

Steps after clone 1.composer install 2.npm install 3.Create a copy of your .env file 4.php artisan key:generate

Post api format

General

Request URL: http://127.0.0.1:8000/login Request Method: POST Status Code: 200 OK Remote Address: 127.0.0.1:8000 Referrer Policy: no-referrer-when-downgrade

Response Headers

Connection: close Content-type: text/html; charset=UTF-8 Date: Fri, 13 Dec 2019 03:05:21 GMT Host: 127.0.0.1:8000 X-Powered-By: PHP/7.3.9

Request Headers

Accept: application/json, text/plain, / Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9,th;q=0.8 Connection: keep-alive Content-Length: 84 Content-Type: application/json;charset=UTF-8 Cookie: XSRF-TOKEN=eyJpdiI6IkxaNDc4UkdKQ0FJeDNxR0tVT3dEcmc9PSIsInZhbHVlIjoiTjdKQUo1OUNKV3ZmXC9NNnEreGdyNmtueVVYaVVseGVzeFAxanF2aFlyWm9nUVpKMm1EdlBaMTlaNFZQN0lHaFYiLCJtYWMiOiI4Y2M0ZTQ2YzNiMTllYzhiMWJhMTY0OTM4NDFhMmUwZmNmMTg2YWUxYWZkYTJiMzk1NGNhYTA0OWE2OGY0MmY5In0%3D; laravel_session=eyJpdiI6IlkyVjduS3ZMUnN2NU5tSHRxYURBSkE9PSIsInZhbHVlIjoiVVducUtRXC9xMHc0SGdvUEhqdlBTM2g1NTBscUw2MzdhRkR3RWxvZEtzajRrd2tvOEQwVURqcHViXC9RRDlTS3FDIiwibWFjIjoiZDNiZTA1M2I1MDkzZDM4ODQ3NTY4ZTQ2NjE0NGYzN2E0ZTRjNGMzYjU0OGQyNTNhZWIxYTRmMWVlNDhiNmFiNyJ9 Host: 127.0.0.1:8000 Origin: http://127.0.0.1:8000 Referer: http://127.0.0.1:8000/ Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 X-CSRF-TOKEN: TaSalYsNVkqlI37gaRCKKw6QNzJE9UwyPKNISzV2 X-Requested-With: XMLHttpRequest X-XSRF-TOKEN: eyJpdiI6IkxaNDc4UkdKQ0FJeDNxR0tVT3dEcmc9PSIsInZhbHVlIjoiTjdKQUo1OUNKV3ZmXC9NNnEreGdyNmtueVVYaVVseGVzeFAxanF2aFlyWm9nUVpKMm1EdlBaMTlaNFZQN0lHaFYiLCJtYWMiOiI4Y2M0ZTQ2YzNiMTllYzhiMWJhMTY0OTM4NDFhMmUwZmNmMTg2YWUxYWZkYTJiMzk1NGNhYTA0OWE2OGY0MmY5In0=

error message

exception: "Symfony\Component\HttpKernel\Exception\HttpException" file: "/Users/sarun/Documents/GitHub/lottothai-frontend/vendor/laravel/framework/src/Illuminate/Foundation/Exceptions/Handler.php" line: 223 message: "CSRF token mismatch."

The same code can be used normally on windown.

But the difference on windown **Response Headers

Set-Cookie: XSRF-TOKEN=eyJpdiI6IjErRkVVSUhxclhWbHBvOEtXMFd2Mnc9PSIsInZhbHVlIjoidzNwejVHc21qUzl5Yk9sVFE5QkxhbFpDdjl3OGVJNG1yMmZGdW4zWXBHMkFJNXR2NWVYTVZGbzVOOVwvN0hnQjMiLCJtYWMiOiI0ODQzMzMwMWE1OGIwMjQ2ZTJmYjExZGIyODlmN2RlMDQ5M2Q4NjFmNDk5MjI1OTI5NGIyZjQwMjFjN2VlNjU2In0%3D; expires=Fri, 13-Dec-2019 05:34:01 GMT; Max-Age=7200; path=/ Set-Cookie: laravel_session=eyJpdiI6Ik84SmFleElLaWd4alJvM2NYa2hIdlE9PSIsInZhbHVlIjoic2ZPaW0yd3kwMkVlUWRmZ29rQnBKZlBadTh1N2J2Slpkd3dvcnpYbkE2UU45WkZCXC9vYUNxbXJra0NuMUJYNVYiLCJtYWMiOiJjZmY0NWJlNmQ4ZTQyYTY2MzhjZWRlZWE2MDNmNTI3YTYwOGI3OWQ2NjNjMzU2ZjhlMDgzMzE1NGY2YmVjY2ZhIn0%3D; expires=Fri, 13-Dec-2019 05:34:01 GMT; Max-Age=7200; path=/; httponly

But on the mac os the clone came down, not in this section**

Please help me. Thank you.

0 likes
3 replies
fylzero's avatar

@sarunopassawas Make sure you are using an api route instead of a web route. An API route should not be checking for CSRF tokens.

23 likes
dinni's avatar

protected $except = [ '/api/*' ];

use this code inside VerifyCsrfToken middleware

1 like
Sinnbeck's avatar

If using the api.php file for routes it is automatically excluded from Csrf tokens. No need to manually exclude it.

Please or to participate in this conversation.