root@example:~/example-api# node index
Express server listening on port 3000 in development mode
GET /oauth/token 200 24.690 ms - 24
ForbiddenError: invalid csrf token
at verifytoken (/root/example-api/node_modules/csurf/index.js:263:11)
at csrf (/root/example-api/node_modules/csurf/index.js:93:7)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at /root/example-api/node_modules/express-flash/lib/express-flash.js:31:7
at /root/example-api/node_modules/express-flash/node_modules/connect-flash/lib/flash.js:21:5
at /root/example-api/node_modules/express-flash/lib/express-flash.js:22:5
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at SessionStrategy.strategy.pass (/root/example-api/node_modules/passport/lib/middleware/authenticate.js:318:9)
at SessionStrategy.authenticate (/root/example-api/node_modules/passport/lib/strategies/session.js:67:10)
at attempt (/root/example-api/node_modules/passport/lib/middleware/authenticate.js:341:16)
at authenticate (/root/example-api/node_modules/passport/lib/middleware/authenticate.js:342:7)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at initialize (/root/example-api/node_modules/passport/lib/middleware/initialize.js:62:5)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at session (/root/example-api/node_modules/express-session/index.js:386:7)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at cookieParser (/root/example-api/node_modules/cookie-parser/index.js:34:14)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at methodOverride (/root/example-api/node_modules/method-override/index.js:77:5)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at /root/example-api/node_modules/express-validator/lib/express_validator.js:233:12
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at /root/example-api/node_modules/multer/index.js:218:19
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at jsonParser (/root/example-api/node_modules/body-parser/lib/types/json.js:103:37)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at logger (/root/example-api/node_modules/morgan/index.js:136:5)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at middleware (/root/example-api/node_modules/connect-assets/index.js:43:7)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at compression (/root/example-api/node_modules/compression/index.js:212:5)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at expressInit (/root/example-api/node_modules/express/lib/middleware/init.js:23:5)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at query (/root/example-api/node_modules/express/lib/middleware/query.js:28:5)
at Layer.handle [as handle_request] (/root/example-api/node_modules/express/lib/router/layer.js:82:5)
at trim_prefix (/root/example-api/node_modules/express/lib/router/index.js:302:13)
at /root/example-api/node_modules/express/lib/router/index.js:270:7
at Function.proto.process_params (/root/example-api/node_modules/express/lib/router/index.js:321:12)
at next (/root/example-api/node_modules/express/lib/router/index.js:261:10)
at Function.proto.handle (/root/example-api/node_modules/express/lib/router/index.js:166:3)
at EventEmitter.app.handle (/root/example-api/node_modules/express/lib/application.js:170:10)
at Server.app (/root/example-api/node_modules/express/lib/express.js:28:9)
at Server.EventEmitter.emit (events.js:98:17)
at HTTPParser.parser.onIncoming (http.js:2108:12)
at HTTPParser.parserOnHeadersComplete [as onHeadersComplete] (http.js:121:23)
at Socket.socket.ondata (http.js:1966:22)
at TCP.onread (net.js:525:27)
POST /oauth/signin 403 22.926 ms - -
How do I ensure that the proper csrf information is sent to the server? Currently my login handler looks like this:
It's when I send a POST request to /oauth/signin that my server is unhappy:
ForbiddenError: invalid csrf token
My express server code looks like this:
Here's the error code: