Csrf token mismatch

[dkareithis]

Hello, I am configuring getcandy for a project and I have both the API and the frontend. I have been trying to login but I keep getting a 419 error code. I narrowed it down to csrf token mismatch. How can I resend the token for the app to work. I have done it successful with Postman but I am stuck using nuxt. I am using sanctum for auth and not passport. Thanks

[alecritson]

Hi @dkareithis

What's your set up? Are you running with Valet? The hub and the API need to be on the same host.

[dkareithis]

Hi @dkareithis

What's your set up? Are you running with Valet? The hub and the API need to be on the same host.

No. My API is on an apache server and I have exposed it's domain to the web using apache hosts config. The hub is on a different directory running on localhost port 3000.

I guess I get what you mean. Since I have exposed my API on public domain 192.168... that means I should do the same for the hub?

[alecritson]

Yeah the Hub and API should be running on the same top level domain. The Sanctum docs go into more detail https://laravel.com/docs/8.x/sanctum#spa-authentication

[dkareithis]

Solved it by using localhost:8000 for auth routes in the nuxt .env file and running my API server as php artisan serve --host=localhost so that both the API and SPA run on a TLD as you explained. Thanks