-1

i create project with laravel 12 and breeze & inertiajs - React mode

its Ok in localhost but when i push to production i cant send POST,PATCH,DELETE request get error: 419 Page Expired

i send _token from meta header tag

for example login Page:

    const {data, setData, post, processing, errors, reset} = useForm({
        email: '',
        password: '',
        remember: false as boolean,
        _token:  document.querySelector('meta[name="csrf-token"]')?.getAttribute('content'),
    });

    const submit: FormEventHandler = (e) => {
        e.preventDefault();
        post(route('login'), {
            onFinish: () => reset('password'),
        });
    };
}

Middleware

return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web:      __DIR__ . '/../routes/web.php',
        commands: __DIR__ . '/../routes/console.php',
        health:   '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
        $middleware->web(append: [
                                     \App\Http\Middleware\HandleInertiaRequests::class,
                                     \Illuminate\Http\Middleware\AddLinkHeadersForPreloadedAssets::class,
                                 ]);

        //
    })
    ->withExceptions(function (Exceptions $exceptions) {
        $exceptions->respond(function (Response $response) {
            if ($response->getStatusCode() === 419) {
                return back()->with([
                                        'message' => 'The page expired, please try again.',
                                    ]);
            }

            return $response;
        });
    })->create();

Nginx config

server {
    listen 443 ssl;
    ssl_certificate /etc/nginx/ssl-cert.pem;
    ssl_certificate_key /etc/nginx/ssl-privateKey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_ciphers         'HIGH:!aNULL:!MD5';
    ssl_prefer_server_ciphers on;   
    server_name domain.com www.domain.com;

    root /var/www/domain/public;
    index index.php;

    
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    } 

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php8.2-fpm.sock;
    }
    location ~ /\.ht {
                deny all;
        }
    

}

how can i fix this ?? please help

i try and search a lot but any one have this problem can`t find the sulution;

Improve this question
1
  • 1. Check your session configuration In your .env file, make sure your session configuration is correct: SESSION_DRIVER=cookie SESSION_DOMAIN=localhost,and prod domain. Commented Mar 4 at 6:42

1 Answer 1

Reset to default
0

There is no Need to pass csrf token

Look : InertiaJS Docs

Laravel automatically includes the proper CSRF token when making requests via Inertia or Axios. However, if you're using Laravel, be sure to omit the csrf-token meta tag from your project, as this will prevent the CSRF token from refreshing properly.

If you do want to send manually (No need for this when laravel) :

Than this is the documented way :

import { router, usePage } from '@inertiajs/vue3'

const page = usePage()



_token: page.props.csrf_token,
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.