This repository was archived by the owner on Nov 15, 2023. It is now read-only.
This repository was archived by the owner on Nov 15, 2023. It is now read-only.
CSRF token mismatch after session timeout #611
Description
Question. Is there any way to refresh csrf token automatically (without refresh page) after session expires?
Echo setup:
main.config.globalProperties.$echo = new Echo({
broadcaster: 'socket.io',
csrfToken: document.querySelector('meta[name="csrf-token"]')?.getAttribute('content') ?? '',
key: document.querySelector('meta[name="broadcasting"]')?.getAttribute('content') ?? '',
host: `${window.location.hostname}:6001`,
withCredentials: true,
path: '/ws/',
auth: {
headers: {
Referer: window.location.hostname,
},
},
});
Open page, wait until session expires and try broadcast something, got error:
[8:26:38 AM] - dTq1ClUbWthkSvB4mmdw could not be authenticated to private-app.1
2023-03-21 12:26:38 {
2023-03-21 12:26:38 "message": "CSRF token mismatch.",
2023-03-21 12:26:38 "exception": "Symfony\\Component\\HttpKernel\\Exception\\HttpException",
2023-03-21 12:26:38 "file": "/var/www/flikto/vendor/laravel/framework/src/Illuminate/Foundation/Exceptions/Handler.php",
2023-03-21 12:26:38 "line": 383,
2023-03-21 12:26:38 "trace": [
...