amrnn90 / breeze-nuxt

An application / authentication starter kit frontend in Nuxt3 for Laravel Breeze.
MIT License

419 CSRF token mismatch. #10

Closed marctaule closed 1 year ago

marctaule commented 1 year ago

Hi! I have a problem and I don't know why it happens. Locally everything works fine, but in production I have mydomain.com (frontend) and api.mydomain.com (backend). When I try to log in I get 419 ("message": "CSRF token mismatch."). Do you know why? Thanks and good job! :)

amrnn90 commented 1 year ago

Have you checked the configuration section on Sanctum docs?

You are likely missing this:

Finally, you should ensure your application's session cookie domain configuration supports any subdomain of your root domain. You may accomplish this by prefixing the domain with a leading . within your application's config/session.php configuration file: 'domain' => '.domain.com'

Make sure to include that dot prefix!

So in your case it should be:

'domain' => '.mydomain.com'

You can also do this through an environment variable:

SESSION_DOMAIN=.mydomain.com

Hope this helps.
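
Why the leading-dot domain matters, as an added example that is not part of the original thread or of the breeze-nuxt code: a simplified model of browser cookie storage and domain matching (RFC 6265), applied to the two hosts from the question. It assumes the frontend has to read the `XSRF-TOKEN` cookie set by the API host to build the `X-XSRF-TOKEN` header, as in Sanctum's SPA flow; the function names and the extra hostnames are made up for illustration.

```javascript
// Simplified RFC 6265 cookie storage and domain matching (no public-suffix or IP checks).
// Hostnames are constructed sample values based on the setup described in the thread.

// RFC 6265 section 5.1.3: identical host, or a subdomain of the cookie domain.
function domainMatches(host, domain) {
  host = host.toLowerCase();
  return host === domain || host.endsWith('.' + domain);
}

// Store a cookie the way a browser does when `setterHost` sends Set-Cookie.
function storeCookie(setterHost, name, domainAttr) {
  if (!domainAttr) {
    // No Domain attribute: host-only cookie, bound to the exact setting host.
    return { name, domain: setterHost.toLowerCase(), hostOnly: true };
  }
  // Browsers drop the leading dot; the attribute's presence enables subdomain matching.
  const domain = domainAttr.replace(/^\./, '').toLowerCase();
  // The setting host must itself match the attribute, otherwise the cookie is rejected.
  if (!domainMatches(setterHost, domain)) return null;
  return { name, domain, hostOnly: false };
}

// Would the browser expose or send this cookie for `host`?
function visibleTo(cookie, host) {
  if (!cookie) return false;
  return cookie.hostOnly
    ? host.toLowerCase() === cookie.domain
    : domainMatches(host, cookie.domain);
}

// Cookie set by the API host, checked against the frontend and other hosts.
function report(domainAttr) {
  const cookie = storeCookie('api.mydomain.com', 'XSRF-TOKEN', domainAttr);
  const hosts = ['mydomain.com', 'api.mydomain.com', 'other.mydomain.com', 'notmydomain.com'];
  return Object.fromEntries(hosts.map((h) => [h, visibleTo(cookie, h)]));
}

console.log('no Domain attribute  ->', report(null));
console.log('Domain=.mydomain.com ->', report('.mydomain.com'));
```

With no Domain attribute the cookie is invisible to `mydomain.com`, so the frontend has no token to send back; with `.mydomain.com` it becomes visible there, and also to every other subdomain of `mydomain.com`.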

marctaule commented 1 year ago

Hi @amrnn90! Nice! It works! I was going crazy :) Thank you so much!!