You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was configuring a project with Laravel Sanctum as authentication method and I found some difficulties in implementation.
At Postman, I had a Pre-request script like this one:
pm.sendRequest({url: pm.environment.get("BASE_URL")+'/sanctum/csrf-cookie',method: 'GET'},function(error,response,{ cookies }){if(!error){pm.environment.set('xsrf-token',cookies.get('XSRF-TOKEN'))}})
That I tried to translate to Bruno, at Pre-request section on collection settings, like this:
The principle is the same, make a GET Request to endpoint /sanctum/csrf-cookie, catch the cookie named XSRF-TOKEN and set this to the environment variable, then set two headers to the current Request:
The Referer
The xsrf-token
This two headers should be enough to a successful request, but i always receive a back-end error saying, CSRF Token mismatch.
I founded a similar issue (#1493) and follow the steps, it works, but every time that i need to login into API, I need to make a Request to a get endpoint manually.
The pre-request script would be to do this automatically.
Anyone pass through this situation? Or can help me to solve this?
If there isn't any solution, i will maintain the workflow that works for me today, but i would like to solve this problem.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi guys,
I was configuring a project with Laravel Sanctum as authentication method and I found some difficulties in implementation.
At Postman, I had a Pre-request script like this one:
That I tried to translate to Bruno, at Pre-request section on collection settings, like this:
The principle is the same, make a GET Request to endpoint
/sanctum/csrf-cookie
, catch the cookie namedXSRF-TOKEN
and set this to the environment variable, then set two headers to the current Request:Referer
xsrf-token
This two headers should be enough to a successful request, but i always receive a back-end error saying, CSRF Token mismatch.
I founded a similar issue (#1493) and follow the steps, it works, but every time that i need to login into API, I need to make a Request to a get endpoint manually.
The pre-request script would be to do this automatically.
Anyone pass through this situation? Or can help me to solve this?
If there isn't any solution, i will maintain the workflow that works for me today, but i would like to solve this problem.
Beta Was this translation helpful? Give feedback.
All reactions