If you use Laravel you have probably encountered the following error "CSRF token mismatch".
Laravel uses CSRF tokens to protect your application from cross-site request forgery attacks.
If you encounter a "CSRF token mismatch" error, it usually means that the token sent with the request does not match the one expected by Laravel.
But, if a route does not need a session token, such as a user registration or password retrieval, and you get this error with status 419, how to fix it?
Solution:
You can fix the problem by excluding that specific path from CSRF protection in Laravel. To do so, follow these steps:
1 - Open the file app/Http/Middleware/VerifyCsrfToken.php, and add the path in the '$except' property, as follows:
In case it is an API:
protected $except = [ 'api/path-of-api-user-creation-api', ];
In case of being an SPA:
protected $except = [ '/path-from-api-user-creation-api', ];
Then restart the Laravel server so that it can take the change and that's it.
Top comments (0)