Skip to content
Fix Code Error

Avoid creating new session on each axios request laravel

June 12, 2021 by Code Error
Posted By: Anonymous

I am working on an application that uses Laravel 8 in the backend and Nuxtjs in the frontend. My problem is that every time I make a request with Axios regardless of the method, Laravel creates a new session. This prevents me for example from checking the csrf cookie because each time a new session is generated. I don’t really know what to do and I would like to get your help please…

sample code to get the session token :

Route::get('/test', function() {
    return request()->session()->token();
});

First attempt : IM23wUv9NTY2IUu9gAJix6TTg3IFjjgOkasOkRhn

Second attempt : bMpuaa9Ink4dOUUJNEyJnbYYKSqSACP216Xq08Uh

Therefore, I always get a 419 for each of my requests.

Code:

const self = this
const rootURL = self.$axios.defaults.baseURL.replace('/api', '')
self.$axios.get('/sanctum/csrf-cookie', {
  baseURL: rootURL
}).then(() => {
  self.$axios.post('/auth/login', {
    email: self.email,
    password: self.password,
  }, {withCredentials: true}).then(({data: response}) => {
    console.log(response)
  })
})

Response:

{
    "message": "CSRF token mismatch.",
    "exception": "Symfony\Component\HttpKernel\Exception\HttpException",
    "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Exceptions/Handler.php",
    "line": 387,
    "trace": [
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Exceptions/Handler.php",
            "line": 332,
            "function": "prepareException",
            "class": "Illuminate\Foundation\Exceptions\Handler",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php",
            "line": 51,
            "function": "render",
            "class": "Illuminate\Foundation\Exceptions\Handler",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 172,
            "function": "handleException",
            "class": "Illuminate\Routing\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php",
            "line": 121,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php",
            "line": 64,
            "function": "handleStatefulRequest",
            "class": "Illuminate\Session\Middleware\StartSession",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Illuminate\Session\Middleware\StartSession",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php",
            "line": 37,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php",
            "line": 67,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Illuminate\Cookie\Middleware\EncryptCookies",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php",
            "line": 26,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 149,
            "function": "Laravel\Sanctum\Http\Middleware\{closure}",
            "class": "Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 103,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php",
            "line": 34,
            "function": "then",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 103,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Routing/Router.php",
            "line": 697,
            "function": "then",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Routing/Router.php",
            "line": 672,
            "function": "runRouteWithinStack",
            "class": "Illuminate\Routing\Router",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Routing/Router.php",
            "line": 636,
            "function": "runRoute",
            "class": "Illuminate\Routing\Router",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Routing/Router.php",
            "line": 625,
            "function": "dispatchToRoute",
            "class": "Illuminate\Routing\Router",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php",
            "line": 166,
            "function": "dispatch",
            "class": "Illuminate\Routing\Router",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 128,
            "function": "Illuminate\Foundation\Http\{closure}",
            "class": "Illuminate\Foundation\Http\Kernel",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php",
            "line": 21,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ConvertEmptyStringsToNull.php",
            "line": 31,
            "function": "handle",
            "class": "Illuminate\Foundation\Http\Middleware\TransformsRequest",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php",
            "line": 21,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php",
            "line": 40,
            "function": "handle",
            "class": "Illuminate\Foundation\Http\Middleware\TransformsRequest",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Illuminate\Foundation\Http\Middleware\TrimStrings",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php",
            "line": 27,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Illuminate\Foundation\Http\Middleware\ValidatePostSize",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php",
            "line": 86,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/fruitcake/laravel-cors/src/HandleCors.php",
            "line": 52,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Fruitcake\Cors\HandleCors",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/fideloper/proxy/src/TrustProxies.php",
            "line": 57,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 167,
            "function": "handle",
            "class": "Fideloper\Proxy\TrustProxies",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php",
            "line": 103,
            "function": "Illuminate\Pipeline\{closure}",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php",
            "line": 141,
            "function": "then",
            "class": "Illuminate\Pipeline\Pipeline",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php",
            "line": 110,
            "function": "sendRequestThroughRouter",
            "class": "Illuminate\Foundation\Http\Kernel",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/public/index.php",
            "line": 52,
            "function": "handle",
            "class": "Illuminate\Foundation\Http\Kernel",
            "type": "->"
        },
        {
            "file": "/home/sidik/Projets/Colisone/web/laravel-backend/server.php",
            "line": 21,
            "function": "require_once"
        }
    ]
}

Solution

Sessions on servers are used to store some user data (IP, authentication, etc).
So because API’s are stateless (server doesn’t need to know about user) it seems like server generates a new session for every request and it’s logical.

What you should do is make your app in a way that it does not need session data (stateless).

I do not recommend that you do otherwise and have never done it before so I don’t know if it works but if you absolutely need the sessions then you must look at kernel.php file.

In $middlewareGroups array’s api you can add

IlluminateSessionMiddlewareStartSession::class,
to beginning of the array like this :

    'api' => [
        IlluminateSessionMiddlewareStartSession::class,
        'throttle:api',
        IlluminateRoutingMiddlewareSubstituteBindings::class,
        ],

OR

Generate a session for user in login (where you assign them a token),
store that session to database (create a sessions table).
Then create a middleware that checks if the the user that is making a request has any session in database. if yes assign that session to current user.
and add it in to the routes that you need.

If in a situation I need to do something like this I would choose option 2 because first I don’t think the first one solves your problem, second the later way still enables me to scale my app without worry (I would need to separate my db server anyway) .

you can search about ways to have session on API’s on google. you may find something that may suit you more.

Answered By: Anonymous

Related Articles

  • Why is it common to put CSRF prevention tokens in cookies?
  • Nuxt Hot reloading for new components Is not working
  • What is the best way to user authentication with Devise 3…
  • Failed to mount component on new laravel 5.5 project
  • How do I set/unset a cookie with jQuery?
  • Axios is not sending cookies
  • FUNCTION_INVOCATION_FAILED error on Vercel and Nuxt…
  • How do you remove a Cookie in a Java Servlet
  • Npm run serve Error
  • The definitive guide to form-based website authentication

Disclaimer: This content is shared under creative common license cc-by-sa 3.0. It is generated from StackExchange Website Network.

Post navigation

Previous Post:

sed copy substring in following line

Next Post:

OpenCV Object detection with Feature Detection and Homography

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

  • Get code errors & solutions at akashmittal.com
© 2022 Fix Code Error