1

I have a Laravel project working on my server with my-domain.com perfectly. I want to upgrade it to beta version, but won't reflect it to live until complete upgrade.

So I setup subdomain(ex: dev.my-domain.com) and copied my project to another directory, link it to subdomain.

After copied the existing project to new directory, I cleared the cache & cookie, sessions.

The second project display with sub-domain but the problem is that when I try to login I'm getting an error "CSRF token mismatch".

enter image description here

Note: When setting up a subdomain, I set the subdomain to point to the IP address of my server. So my main domain & sub-domain point to the same IP address for now.

The existing site is working perfectly, and if I replaced the directory name connected to the subdomain with the directory name of the existing site for testing, the new cloned project worked perfectly as the original my-domain.

I tried to set the cookie & path as different in "config/session.php" file but it not solved my problem.

This is driving me crazy. I did some research and looked at similar issues, but I couldn't find a solution that exactly matched my problem. Does someone have any ideas on this?

Thanks in advance.

Improve this question
11
  • In config/session.php change your app name in this part: 'cookie' => env( 'SESSION_COOKIE', Str::slug(env('APP_NAME', 'yoursite'), '_').'_session' ), ---- and set sub domain url in env file Commented Feb 28, 2024 at 15:53
  • Yes. I changed APP_NAME to different name, and set APP_URL to my sub-domain as well, But not working. Commented Feb 28, 2024 at 16:07
  • I'm not sure but if it is a temporary app on your subdomain maybe protected $addHttpCookie = false; in app/Http/Middleware/VerifyCsrfToken.php will work. Commented Feb 28, 2024 at 16:18
  • I just tested, but not working, got same error. I tried to disable VerifyCsrfToken middlware in the Kenal.php for web routes, In this case I didn't get CSRF token error but It redirect to login page again after loggedin for some reason. Commented Feb 28, 2024 at 16:26
  • Because in your layouts app.blade.php by default included meta tag csrf token. Commented Feb 28, 2024 at 16:35
Related questions
0
Laravel Airlock - CSRF token mismatch
211
Laravel csrf token mismatch for ajax POST Request
4
Laravel 7 Sanctum: Same domain (*.herokuapp.com) but separate React SPA gets CSRF Token Mismatch
Load 4 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.