Question

我收到一个"419(未知状态)"错误信息是"CSRF代号不匹配"

POST http://127.0.0.1:800/login 419(未知状态)

“https://i.stack.imgur.com/9L6si.png' rel=“noreferrer'>CSRF象征性不匹配。

Vue 服务器 : http://localhost:8080

App/Http/Kernel.php 应用/Http/Kernel.php

 api  => [
    LaravelSanctumHttpMiddlewareEnsureFrontendRequestsAreStateful::class,
     throttle:api ,
    IlluminateRoutingMiddlewareSubstituteBindings::class,
],

应用/模式/用户.php

<?php

namespace AppModels;

use IlluminateDatabaseEloquentFactoriesHasFactory;
use IlluminateNotificationsNotifiable;
use LaravelSanctumHasApiTokens;

class User extends Authenticatable
{
    use HasApiTokens, HasFactory, Notifiable;
    //...
}

配置/cors.php

<?php

return [
     paths  => [
         api/* ,
         sanctum/csrf-cookie ,
         register ,
         login ,
    ],
     allowed_methods  => [ * ],
     allowed_origins  => [ * ],
     allowed_origins_patterns  => [],
     allowed_headers  => [ * ],
     exposed_headers  => [],
     max_age  => 0,
     supports_credentials  => true,
];

. env. env

SESSION_DRIVER=cookie
SESSION_DOMAIN=localhost
SANCTUM_STATEFUL_DOMAINS=localhost:8080

rc/main.js

axios.interceptors.request.use((config) => {
    config.baseURL =  http://127.0.0.1:8000 
    config.withCredentials = true

    return config
})

src/views/auth/login.vue 观测/观测/下水道/下水道

import axios from  axios 
import { reactive } from  @vue/reactivity ;

export default {
    setup() {

        const credential = reactive({
            email:   ,
            password:   ,
        })

        const login = async () => {
            axios.get( /sanctum/csrf-cookie ).then( async () => {
                let response = await axios.post( /login , credential)
                console.log(response);
            });
        }

        return { login, credential }
    }
};

Answer 1

您的 SANCTUM_STATEUL_DOMAINS 设置为 localhost: 8080 , 但代码的其余部分显示您正在8000而不是8080的端口运行。如果您更改为8000, 您应该是金色的。

Answer 2

我很难处理同样的问题。经过几次搜索,我登上这一页。看到可行的建议解决方案后,我改变了

SANCTUM_STATEFUL_DOMAINS=localhost:8080

至

SANCTUM_STATEFUL_DOMAINS=http://localhost:8080

就是这样,效果不错!

Answer 3

根据"https://laravel.com/docs/10.x/sanctum#cors-and-cookies" rel=“不跟随 noreferrer">Laravel Sanctum 文件

axios.defaults.withCredentials = true;
axios.defaults.withXSRFToken = true;

我忘了设置 axios. defaults. withxSRFToken = true; , 之后一切都正常。

Answer 4

I had the same problem and searched for a solution for days. The solution in my case (consider the settings above) was to change the .env to

SESSION_DRIVER=cookie

友情链接