1

I build a spa with laravel-sanctum But I have problem when authenticate. Because authenticate via laravel-sanctum using CSRF (not token) needs to declare SANCTUM_STATEFUL_DOMAINS first. But postman or insomnia send request on a random port. So I can't authenticate

Can anyone give me a hint or something?

Le Dinh
  • 79
  • 9
  • 1
    Did you check this https://stackoverflow.com/questions/60843137/laravel-sanctum-unauthenticated ? – lucas-nguyen-17 Sep 17 '21 at 10:05
  • @lucasnguyen17 tks you. But I have problem with postman It send reuqest in dynamic port => I canot configure stateful domains to authenticate via X-CSRF (not token). And I have no problem in my front end – Le Dinh Sep 17 '21 at 11:10

1 Answers1

3
$domain = $request->headers->get('referer') ?: $request->headers->get('origin');

This is a snippet in \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class

=> NEED set header referer or origin to a given domain and declare this domain to SANCTUM_STATEFUL_DOMAINS config.

Le Dinh
  • 79
  • 9