Level 2
Put your token in your meta tag of your header (If that doesn't exist yet). Configure your ajax to always pick the token from header so you don't have to include it in every ajax result.
Dec 26, 2017
7
Level 1
Angular 4/5 and Laravel 5.5 XSRF-TOKEN
I'm currently working in a web where i use Angular 5 and Laravel 5.5 i am having a trouble on implementing XSRF-TOKEN, On the documentation of Laravel 5.5 XSRF-TOKEN laravel send XSRF-TOKEN inside the header on Angular i get the token and when i going to make POST request i put X-XSRF-TOKEN header which contain the XSRF-TOKEN that i get. But it still give me an error and i tried to find where the error came and that lead me to the tokensMatch() inside VerifyCsrfToken Class and i found out that when they matching the decrypted XSRF-TOKEN and $requrest->session()->token() using hash_equals() it returns false that's why i am receiving TokenMismatchException.
Is there a way to resolve this? if yes how. Thank you.
Level 1
Thank you @Paschal for the suggestion. I use interceptor on Angular I put the xsrf-token on my post request, my problem is when the token is verifying I am getting a false on hash_equals() but the xsrf-token that I send is the xsrf-token that I got on response cookie that laravel set
Level 5
@wirelessm Did you find a solution to your problem? I am facing the same issue. I am using this method to authenticate my Angular5 app: https://laravel.com/docs/5.5/passport#consuming-your-api-with-javascript
I would be really grateful if you share any new info on the matter. Thanks
Level 1
@kvalbot Sorry I haven't find any solution. I use laravel passport also it's look like we can't implement xsrf protection
Level 5
@wirelessm I will let you know if I find a solution
Level 5
Are your Angular and Laravel apps on the same domain? Cookies can only be consumed from the same domain
Level 1
@kvalbot i running it on localhost. I found this thread it's look like we need to stick on laravel passport
Please or to participate in this conversation.