I'm building a web application using Laravel 5.6 and ReactJS 16.4.1.
I have set the csrf_token on my master.blade.php
on the <head>
as follows:
<meta name="csrf-token" content="{{csrf_token()}}">
Then on my reactJs, I loaded my registration component like so:
export default class RegistrationForm extends Component {
render() {
return (
<React.Fragment>
<form method="post" action={this.props.actionUrl}>
<div className="form-group">
<label htmlFor="txtEmail">Email</label>
<input type="email" name="txtEmail" id="txtEmail" className="form-control" placeholder="Email" />
</div>
<div className="form-group">
<label htmlFor="exampleInputPassword1">Password</label>
<input type="password" name="txtPassword" id="txtPassword" className="form-control" placeholder="Password" />
</div>
<div className="text-right">
<button type="submit" name="btnRegister" id="btnRegister" className="btn btn-primary">Register</button>
</div>
</form>
</React.Fragment>
);
}
}
Then when I hit the register button, I am being redirected to a The page has expired due to inactivity. Please refresh and try again.
page.
I'm not sure why this is still happening even I have the csrf-token meta already.
I have tried this already but still does not work.
But when I remove the VerifyCsrfToken
on the Kernel.php
, it works.
\App\Http\Modules\Common\Middleware\VerifyCsrfToken::class
Is it safe to remove this class? Though I still want to have the csrf validation as to why I do not want to just remove it on the middleware.