What versions of Laravel and Axios are you using in this video? I have an "api.domain" (Laravel 11) and "spa.domain" (React 18.3.1) Apps, and the browser is rejecting the XSRF-TOKEN cookie because it is a Cross-Site context with "SameSite: Lax". Why has it determined it is cross site??? I don't get it.
execellent video, im getting the same problem with laravel breeze, can u explain how i can fix? login page says the form is insecure but i have @crsf on it and when i submit i get the 419 expired page
Hey just looking into this problem myself. I am using laravel breeze and next.js but I don't understand why its become a problem now. Out of the box it worked fine and every now and then I would get this issue while trying to login but it would eventually fix it self. This time around its not going away so can you explain why this problem has come up?
Hey I watched the video again and check what my next.js front end was sending and it looks like for some reason it stopped sending the X-XSRF-TOKEN but it was still in the cookie so I just changed the Laravel backend to check there also for it as a temp work around. Thanks for the very helpful information.
@@cdruc "hey, if you’re using axios, they stopped sending it automatically a while ago. you will have to tell it to include it by setting withXSRFToken: true" There are a few developers who just cried and said thank you very much for this comment.
Well this is fun and all but the real trouble starts when you dive deeper and have to validate every post or get request back and forth to different api endpoints to get the right user ID and compare it to other columns in other relationships. Example, setting up a private chat in Laravel Reverb. Totally impossible.
So I am using the NextJS starter kit from Laravel Breeze. I have Laravel 11 set up as an API backend, but even after following all of your auth videos, I am still unable to fix my issue. I am not able to see the X-XSRF-TOKEN header in the request headers, however it should be included by default if I am not mistaken since I have: withCredentials: true, withXSRFToken: true,
Just so we're clear, we're talking about this one, right?: github.com/laravel/breeze-next/tree/master Is the starter kit not working at all? If it is working, and you have some pages where it's not, make sure you import axios from the lib directory - other than that I don't see why it wouldn't work. also, if you can share like a repo or something I'll gladly have a look
