Use bruno to connect to an API using Laravel Sanctum. #3098

roncallyt · 2024-09-13T21:46:04Z

roncallyt
Sep 13, 2024

Hi guys,

I was configuring a project with Laravel Sanctum as authentication method and I found some difficulties in implementation.

At Postman, I had a Pre-request script like this one:

pm.sendRequest({
	url: pm.environment.get("BASE_URL") + '/sanctum/csrf-cookie',
	method: 'GET'
}, function (error, response, { cookies }) {
	if (!error) {
		pm.environment.set('xsrf-token', cookies.get('XSRF-TOKEN'))
	}
})

That I tried to translate to Bruno, at Pre-request section on collection settings, like this:

const axios = require("axios")

const config = {
  headers: {
    'Accept': 'application/json',
    'Content-Type': 'application/json',
    'Referer': bru.getEnvVar('REFERER')
  }
}

try {
  const response = await axios.get(`${bru.getEnvVar('BASE_URL')}/sanctum/csrf-cookie`, config)

  const cookie = response.headers['set-cookie']
  const match  = cookie.match(/XSRF-TOKEN=([^;]+)/)
  const token = decodeURIComponent(match[1])

  bru.setEnvVar('X-XSRF-TOKEN', token)
  
  req.setHeader('Referer', bru.getEnvVar('REFERER'))
  req.setHeader('xsrf-token', bru.getEnvVar('X-XSRF-TOKEN'))
} catch (e) {
  console.error(e)
}

The principle is the same, make a GET Request to endpoint /sanctum/csrf-cookie, catch the cookie named XSRF-TOKEN and set this to the environment variable, then set two headers to the current Request:

The Referer
The xsrf-token

This two headers should be enough to a successful request, but i always receive a back-end error saying, CSRF Token mismatch.

I founded a similar issue (#1493) and follow the steps, it works, but every time that i need to login into API, I need to make a Request to a get endpoint manually.

The pre-request script would be to do this automatically.

Anyone pass through this situation? Or can help me to solve this?

If there isn't any solution, i will maintain the workflow that works for me today, but i would like to solve this problem.

devshack · 2025-01-09T19:52:02Z

devshack
Jan 9, 2025

Exactly my case scenario now - but sadly no ideas or recommendations, yet :(

0 replies

devshack · 2025-01-10T14:23:40Z

devshack
Jan 10, 2025

Here is one solution: #1493

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use bruno to connect to an API using Laravel Sanctum. #3098

{{title}}

Replies: 2 comments

{{title}}

{{title}}

Select a reply

Use bruno to connect to an API using Laravel Sanctum. #3098

roncallyt Sep 13, 2024

Replies: 2 comments

devshack Jan 9, 2025

devshack Jan 10, 2025

roncallyt
Sep 13, 2024

devshack
Jan 9, 2025

devshack
Jan 10, 2025