samedi 29 août 2015

TokenMismatchException in VerifyCsrfToken

I am creating an angular app which hits a Laravel 5 api. I am working on user login/auth right now and am getting a TokenMismatchException in VerifyCsrfToken when I try to post via DHC, and a cors error when I try to log in through my application even though I have specified posts in my cors (See below).

You'll notice my AuthController below redirects because I am not using blade for templating, rather just using laravel for API endpoints.

a) I am not sure what VerifyCsrfToken is

b) Why my cors is acting up

Angular App:

Login Controller:

        Auth.login({
            username: $scope.user.username,
            password: $scope.user.password
        }).success(...

Auth Service:

      return {
        login: function(params) {
            return $http({
                method: 'POST',
                url: 'http://ift.tt/1VmuiJ8',
                data: params,
                cache: true
            });
        },

Laravel 5 API:

routes:

Route::group(['middleware' => 'cors'], function(\Illuminate\Routing\Router $router) {
   $router->get('/api/questions', 'ApiController@getQuestions');

   //Auth
   $router->controllers([
       'auth' => 'Auth\AuthController',
       'password' => 'Auth\PasswordController'
   ]);

Auth Controller:

class AuthController extends Controller {

use AuthenticatesAndRegistersUsers, ThrottlesLogins;
...

AuthenticatesAndRegistersUsers trait:

namespace Illuminate\Foundation\Auth;

trait AuthenticatesAndRegistersUsers
{
    use AuthenticatesUsers, RegistersUsers {
        AuthenticatesUsers::redirectPath insteadof RegistersUsers;
    }
}

AuthenticatesUsers.php

public function postLogin(Request $request)
{
    die('post login');  //not reaching this
    $this->validate($request, [
        $this->loginUsername() => 'required', 'password' => 'required',
    ]);

When I post to dde.localhost/auth/login in DHC, I get

TokenMismatchException in VerifyCsrfToken

When I login (post) from my Angular application, I get a cors issue:

enter image description here

This shouldn't happen because I am using cors middleware for my routing:

Route::group(['middleware' => 'cors'], function(...

Which allows POSTS from any application (here is my cors.php middleware):

return [
    'supportsCredentials' => false,
    'allowedOrigins' => ['*'],
    'allowedHeaders' => ['*'],
    'allowedMethods' => ['GET', 'POST', 'PUT',  'DELETE'],
    'exposedHeaders' => [],
    'maxAge' => 0,
    'hosts' => [],
];


from Newest questions tagged laravel-5 - Stack Overflow http://ift.tt/1VmuiZm
via IFTTT
Publié par à
Libellés : ,

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)