Level 50
$this->withoutMiddleware();
Should do the trick, more here:
1 like
Apr 16, 2018
8
Level 8
TokenMismatchException for Tests
Hi all. I'm starting a new project and I've just written my first test, but it's failing on CSRF validation. I was under the impression that CSRF validation was disabled for testing? Where does the logic live to disable this?
/** @test */
public function a_user_can_open_a_bank_account () {
// Given we have a user
$this->signIn();
// And a new bank account
$newBankAccount = make(BankAccount::class, [
'user_id' => auth()->id()
]);
// And they submit the form to open a new bank account
$this->post(auth()->id() . '/banking/account', $newBankAccount->toArray());
// Then they should have a bank account associated with them
$this->assertEquals(1, auth()->user()->bankAccounts()->count());
}
Illuminate\Session\TokenMismatchException
Level 67
Or if you'd rather not disable security to test this, add the token to the data being sent in the post
$newBankAccount = make(BankAccount::class, [
'user_id' => auth()->id()
]);
$newBankAccount = $newBankAccount->toArray();
$newBankAccount['_token'] = csrf_token(); // add token
$this->post(auth()->id() . '/banking/account', $newBankAccount);
2 likes
Level 8
Thanks guys. Shouldn't this be automatically disabled in 5.6 though?
Level 67
Why would it be disabled? It should work the way it normally would in a production scenario, shouldn't it? Or what are you really testing?
Level 8
According to the Laravel 5.6 documentation, the CSRF middleware is automatically disabled when running tests.
Level 50
Well did it work when you disabled it?
Level 8
It did, thanks. I was just curious as to why it wasn't being disabled out of the box.
Level 50
@AlexGodbehere I do not see a reason it should be disabled. Your tests should behave the way your application does.
Please or to participate in this conversation.