Search code examples
phplaravelvue.jslaravel-9laravel-sanctum

vue js spa and laravel sanctum: cannot set crsf-cookie

CONTEXT AND GOAL

I have my laravel backend running on backend.domain

I have a vuejs spa trying to logging in from 'external.app.domain'

I need that vuejs spa can login, obatain A NEW token for the user, to, then, use for subsequent calls.

WHAT I DID

I am following this: https://laravel.com/docs/9.x/sanctum#csrf-protection

The call to sanctum/csrf-cookie works, but I got this from chrome

enter image description here

Axios in vue app is using

withCredentials: true,

Backend cors.php file has

'supports_credentials' => true,

Backend sanctum.php file has external.app.domain in the stateful array

THE MAIN PROBLEM

The problem is that calling /login to obtain a token I got this

CSRF token mismatch.

Simple question

What else must I do !?

Solution

  • SOLVED

    I had to remove the middleware of sanctum in api. I previously enabled because I was trying other way to use Sanctum itself.