Roni
342
2
Testing

TDD CSRF mismatch

Posted 4 months ago by Roni

Hi Guys, I already have the code solution, but it occurs to me that I don't know how to write the test to determine a CSRF mismatch coming from a JSON post request. If anyone knows a quick solution please comment.

Here is what I had thought but I'm not sure how to add in or change the CSRF header:

public function an_expired_session_that_fires_an_ajax_post_request_redirects_back_to_login_route() {
    $this->basicSignIn(User::first());  // a helper function to make sure we are authenticated.
        $this->get(route('client.create'))
            ->assertOk();

    // I need a way to expire the session here, or change the CSRF token

    $this->postJson(route('client.store'), $this->getValidFields())
        ->assertStatus(419);
}

Thanks in advance

Please sign in or create an account to participate in this conversation.