CSRF TOKEN MISMATCH - NEXTJS X SANCTUM BREEZE API | Laravel | Page 1

ruby kettle Mar 25, 2024, 11:24 AM

#

I'm having the error 419 been setting up the .env entirely tried to reverse engineer this CSRF to completely turn it off but does not work.

toxic patio Mar 25, 2024, 1:42 PM

#

you're probabely using web.php routes, there is a middleware group on it that includes csrf protection.

#

use api.php

#

or you can explain more of what you're doing and what you want to accomplish.

formal moat Mar 25, 2024, 1:44 PM

#

Why do you want to disable CSRF?

ornate fulcrum Mar 25, 2024, 2:26 PM

#

Yeah, disabling CSRF on a nextjs app sounds like a horrible idea, csrf is there for a reason.

ruby kettle Mar 25, 2024, 4:28 PM

#

I didn't want to spend 500 hours to solve this issue so I can actually start with the whole project

ornate fulcrum Mar 25, 2024, 4:29 PM

#

Up to you of course, just saying, you're making your app vulnerable for exploits if you completely disable CSRF.

ruby kettle Mar 25, 2024, 4:30 PM

#

Yea I don't need a handshake just so I can authenticate

#

It's local only

ornate fulcrum Mar 25, 2024, 4:32 PM

#

It's not a handshake tho, it's protection against a known exploitable thing. Like, you're then explicitly disabling security features, but you do you

#CSRF TOKEN MISMATCH - NEXTJS X SANCTUM BREEZE API