dystcz / nuxt-sanctum-auth

Nuxt 3 + laravel sanctum authentication

XSRF cookie not being set #12

Closed JoshPJackson closed 1 year ago

JoshPJackson commented 1 year ago

Great package! Thanks for making it. I'm having trouble logging in with my Laravel backend. Using the login example code:

async function login() {
    try {
        await $sanctumAuth.login(
            {
                email: email.value,
                password: password.value
            },
            // optional callback function
            (data) => {
                console.log(data)
                router.push('/')
            }
        )
    } catch (e) {
        // your error handling
        errors.value = e.errors
    }
}

I can see the request to grab the xsrf cookie:

Screenshot 2023-04-01 200013

But the cookie doesn't seem to be set. When I inspect the login request the x-xsrf-token field is empty:

Screenshot 2023-04-01 200222 Screenshot 2023-04-01 200237

It looks like the cookie isn't being set for some reason. I've followed the default installation instructions. Can you help?

AndreasHerss commented 1 year ago

If you look at the request to the /csrf-token endpoint, under the Set-Cookie you will see a little exclamation mark; if you hover over it, you will see the errors.

The problem is your site is being served over HTTP, on localhost, and therefore the Set-Cookie is being blocked due to the same-site settings on your cookie.

You need to serve your Nuxt app over HTTPS, and loosen the cookie SameSite restrictions :)
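
The kind of check behind that DevTools warning, as an added example that is not part of the original thread or the package's code: a simplified model of the browser rules that cause a `Set-Cookie` header to be blocked. The function names, the `ctx` fields and the sample headers used with it are assumptions constructed for illustration.

```javascript
// Added example: simplified model of the browser checks that decide whether a
// Set-Cookie header is stored. All names here are hypothetical.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs: {} };
  for (const a of attrs) {
    if (!a) continue;
    const i = a.indexOf('=');
    const key = (i === -1 ? a : a.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : a.slice(i + 1);
  }
  return cookie;
}

// ctx.responseUrl: URL of the response carrying the header.
// ctx.crossSite: true when that URL is cross-site to the page issuing the request.
function whyBlocked(header, ctx) {
  const { attrs } = parseSetCookie(header);
  const url = new URL(ctx.responseUrl);
  // A cookie without a SameSite attribute is treated as Lax in this model.
  const sameSite = String(attrs.samesite || 'lax').toLowerCase();
  const reasons = [];
  // Modelled strictly; some browsers relax this rule for http://localhost.
  if (attrs.secure && url.protocol !== 'https:') {
    reasons.push('Secure cookie sent over a non-HTTPS connection');
  }
  if (sameSite === 'none' && !attrs.secure) {
    reasons.push('SameSite=None requires the Secure attribute');
  }
  if (ctx.crossSite && sameSite !== 'none') {
    reasons.push(`SameSite=${sameSite} cookie set from a cross-site response`);
  }
  if (typeof attrs.domain === 'string') {
    const d = attrs.domain.replace(/^\./, '').toLowerCase();
    const host = url.hostname.toLowerCase();
    if (host !== d && !host.endsWith('.' + d)) {
      reasons.push(`Domain=${attrs.domain} does not match host ${host}`);
    }
  }
  return reasons; // empty array: none of the modelled rules blocks the cookie
}
```

Calling `whyBlocked` with the `Set-Cookie` value copied from the /csrf-token response and the URL it came from returns the modelled reasons; an empty array means the cause lies elsewhere, for example a request sent without credentials.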

kreejzak commented 1 year ago

Hi @JoshPJackson, what are the contents of your SESSION_DOMAINS and SANCTUM_STATEFUL_DOMAINS? Have you specified localhost:3000 as one of the entries?

SESSION_DOMAINS=localhost,localhost:8000,localhost:3000,127.0.0.1,127.0.0.1:8000,::1
SANCTUM_STATEFUL_DOMAINS=localhost,localhost:8000,localhost:3000,127.0.0.1,127.0.0.1:8000,::1

If not, this could solve the problem with the same-site cookie setting.

Hope this helps.

JoshPJackson commented 1 year ago

Ah ok, looks like it is my end then. Thanks for coming back to me @kreejzak and @AndreasHerss 👍