'My csrf token refreshes every time the app boots on my vapor app
I just deployed an application using docker to vapor. The app is up but I am never able to persist a session because when I log csrf_token() method in my service provider boot method, every time a request gets through and the app gets booted it's a new csrf token. I have searched for days why this could happen but haven't gotten any explanation. Any help would be appreciated.
I have set the SESSION_LIFETIME variable on the .env but it does not change anything
Solution 1:[1]
Your login page should make this request when it mounts
axios.get('/sanctum/csrf-cookie').then(response => {});
You also need to make sure you have axios withCredentials set to true probably in your bootstrap.js.
window.axios = require('axios');
window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
window.axios.defaults.withCredentials = true;
For your SESSION_LIFETIME are you setting it in your .env.production or whichever environment you are deploying to?
You also may need to check what you SESSION_DRIVER is set to in the same file
vapor env:pull staging //for example to see what you have
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | BobB |