Why does the Laravel API return a 419 status code on POST and PUT methods?
If you are developing REST APIs, you better not add tokens. If you are using 5.4 or 5.5 you can use api.php
instead of web.php
. In api.php
you don't need token verifcation on post requests.
If you are using web.php
, then you can exculde routes that you don't want to validate with CSRF Tokens.
Here is the official documentation:
Excluding URIs From CSRF Protection
Sometimes you may wish to exclude a set of URIs from CSRF protection. For example, if you are using Stripe to process payments and are utilizing their webhook system, you will need to exclude your Stripe webhook handler route from CSRF protection since Stripe will not know what CSRF token to send to your routes.
Typically, you should place these kinds of routes outside of the
web
middleware group that theRouteServiceProvider
applies to all routes in theroutes/web.php
file. However, you may also exclude the routes by adding their URIs to the$except
property of theVerifyCsrfToken
middleware:<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
class VerifyCsrfToken extends BaseVerifier
{
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'stripe/*',
'http://example.com/foo/bar',
'http://example.com/foo/*',
];
}
For reference https://laravel.com/docs/5.5/csrf
Laravel Http Client 419 unknown status
I agree with @ElektaKode that the issue is likely due to lack of csrf token.
In order to disable CSRF middleware while testing,
switch off CSRF token for this route at /app/Http/Midddleware/VerifyCsrfToken.php
, by updating:
protected $except = [ 'your-route-url' ];
Then you can use api authentication to follow it up.
The simplest way to use api authentication, follow this doc,
The other ways are either using Laravel passport or using jwt for api.(both will consume more time to set up, as you are using for testing using api authentication is your go to method.)
Related Topics
How to Retrieve Utf-8 Accented Characters from Access via Pdo_Odbc
Find Common Values in Multiple Arrays with PHP
Using Strtotime for Dates Before 1970
How to Implement Pagination in PHP
Getting Http Code in PHP Using Curl
Laravel Stylesheets and JavaScript Don't Load for Non-Base Routes
Generate Random 5 Characters String
Php7.1 JSON_Encode() Float Issue
Post Form and Update Multiple Rows with MySQL
PHP Array Behaving Strangely with Key Value 07 & 08
PHP Add Element to Every Sub Array of Multi Dimension Array
Confusing About This Cookies in Redirecting System
Interface or an Abstract Class: Which One to Use
PHP Expects T_Paamayim_Nekudotayim