Level 61
You shouldn't have CSRF verification in your API routes. Check the app/Http/Kernel.php or routes/api.php that you haven't referenced any web middleware for api.
2 likes
Aug 11, 2021
1
Level 2
Api and Request
Hello I am using custom Request. A simple one:
<?php
namespace App\Http\Requests\API;
use Illuminate\Foundation\Http\FormRequest;
class DeviceRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'token' => 'required|max:255',
];
}
/**
* Get the error messages for the defined validation rules.
*
* @return array
*/
public function messages()
{
return [
'token.required' => 'The member were not able authorized.',
];
}
}
And using the controller in the api.php. I authorize the member with api_token in the api.php. It works fine if I am using in the function Request $request. However if I am using DeviceRequest $request then the webpage is redirecting me in the postman application. I need the api.php to use for desktop application later. I did install telescope and it says that I get the error status 302. I did check on the google and some people said something about CSRF validation failed. However I can't do CSFR validation if it is API or there is a solution? Or how to fix this? Thank you in advance the answers.
Please or to participate in this conversation.